Marshall University's Institute for Cyber Security Hosts Two-Day OT Security Training This Week

Marshall University's Institute for Cyber Security will host a hands-on operational technology training event on April 14–15. This program aims to equip leaders with the skills needed to protect critical infrastructure, including water systems, energy grids, healthcare, and transportation networks.

Salma Mubarak
Cloud Security & AI Security Contributor3 min read
Marshall University Institute for Cyber Security Executive Director Alexandria Donathan speaks about the April 2026 operational technology cybersecurity training event in Huntington, West Virginia

Marshall University Institute for Cyber Security Executive Director Alexandria Donathan speaks about the April 2026 operational technology cybersecurity training event in Huntington, West Virginia

Marshall University's Institute for Cyber Security is hosting a two-day operational technology (OT) security training event in Huntington, West Virginia, this week, running April 14–15 from 9 a.m. to 4 p.m. each day. The programme is designed for technology and operations leaders who need practical skills to identify risks and defend the systems underpinning critical community infrastructure.

Executive Director Alexandria Donathan, who leads Marshall's statewide cybersecurity hub, spoke about the event on MetroNews "Talkline" ahead of its opening. She said the training is aimed at both the next generation of cybersecurity professionals and the current workforce — particularly those in operational roles who have not historically been required to think about cyber risk.

"This is to educate not only the growing workforce but the current workforce, where cybersecurity hasn't been something followed on," Donathan said. She pointed to a water facility hack in Massachusetts by Chinese actors as the kind of wake-up call many organisations only receive too late. "You don't care until you have to care — we're trying to make sure people don't have to care, but they're informed."

What the Training Covers

Participants will work across five critical infrastructure sectors throughout the two days: energy, water and wastewater, transportation, healthcare, and finance. The training is structured around applied governance frameworks — including IEC 62443, the internationally recognised standard for securing industrial automation and control systems, and the NIST Cybersecurity Framework — to help attendees build structured, repeatable approaches to OT security rather than responding to threats reactively.

The goal is for participants to leave with a working understanding of how to identify risks in their environments, apply governance frameworks to physical and digital systems, and strengthen resilience across the kind of infrastructure that communities depend on daily.

The Nation-State Threat Context

Donathan placed the training squarely in the context of a rapidly evolving and increasingly sophisticated threat landscape. While AI-powered attacks are broadening the range of actors capable of launching disruptive operations, she noted that the most methodical, long-duration campaigns tend to originate with nation-states.

"I would say the longer, more methodical attacks definitely would belong to a nation-state actor given the amount of resources they have by their nation," she said. She pointed to CISA reporting on Chinese state-sponsored actors as a key reference point, noting there is a substantial body of publicly available, unclassified intelligence detailing how these groups have been ramping up activity inside US critical infrastructure in recent years.

Why Digital Convenience Creates New Risk

Donathan also addressed a core tension that many operational technology environments face as they modernise: every step toward digital efficiency introduces new attack surfaces that require careful management.

"As you make things easier for you in a digital environment, you're also introducing risks — that's where we're trying to educate the current workforce, to understand the risks that they are administering into their environment and then properly help segment and protect that as we move out," she said.

Marshall University has been designated a National Center of Academic Excellence in Cyber Defense Education by the NSA and CISA, and its Institute for Cyber Security operates as a statewide hub for cybersecurity education, applied research and workforce development across West Virginia and the broader Appalachian region.

Salma Mubarak

Cloud Security & AI Security Contributor

Salma is a cloud security architect and AI risk analyst specializing in DevSecOps, SaaS security, and infrastructure protection. She focuses on identifying cloud misconfigurations, AI vulnerabilities, and implementing zero-trust security frameworks for modern organizations.

At MENA Cyber Wire, Salma breaks down complex cybersecurity and AI risk concepts into clear, practical insights for founders, IT managers, and security professionals across the MENA region.