A conversation with Germil Ware, lead course developer and instructor with The University of Memphis
What makes NCPC’s training approach unique compared to other cybersecurity programs you’ve encountered?
NCPC’s training stands out because it brings together people from every level of government and the private sector, providing practical skills that can be used immediately. The courses are congressionally-funded, which ensures our training aligns with national priorities while remaining accessible to state, local, tribal and territorial communities.
How do you tailor your instruction to meet the needs of diverse audiences?
I tailor the instruction by developing course materials with consideration of both technical depth and accessibility, mapping industry frameworks to common language that anyone, ranging from the common first-time learner to experienced industry professionals, can understand. I scale the complexity as the course progresses, ensuring no one is left behind while technical participants gain deeper expertise.
During a live course session, I noticed learners were uncertain about the real-world severity of cyber risks to critical infrastructure, so I shifted to discussing simple scenarios such as phishing attacks, where someone pretends to be leadership to obtain passwords from unsuspecting personnel. When learners realized how these basic tactics from threat actors could impact and disrupt critical Distributed Energy Resources and Operational Technology systems, they were intrigued and curious that these vulnerabilities existed at the level they do, which generated deeper engagement and questions than the original lesson plan.
How do you see NCPC training contributing to national cybersecurity resilience and community preparedness?
NCPC training directly supports Presidential Policy Directive 21 and Presidential Policy Directive 8 by helping state, local, tribal, and territorial communities build the capability to protect essential services people depend on every day. By training emergency managers, utility operators, public safety personnel and everyday citizens together, we create shared understanding across all levels that prepares communities to recognize threats, respond effectively, and recover faster when cyber incidents occur.
What feedback have you received from participants that highlights the value or effectiveness of NCPC courses?
After delivering a course, a service member of the US Armed Services told me the course changed their perspective on critical infrastructure vulnerabilities, helping them understand how cyberattacks on Operational Technology could impact mission readiness and base operations. This led them to initiate coordination with installation security teams they had not previously engaged with on cyber issues.
What do you find most rewarding about teaching cybersecurity preparedness through NCPC?
Helping individuals with curiosity is most rewarding because I see the course’s positive impact on their professional development and confidence. Watching learners connect technical concepts to their real-world responsibilities and realize they can make their community more secure shows that cybersecurity preparedness empowers people at every level to take meaningful action.
How do you stay current with evolving cyber threats and integrate that knowledge into your instruction?
I stay current by continuing my personal educational development as well as maintaining open communication to informational channels such as journals, government advisories, and industry publications. When I encounter new information, I make adjustments to integrate relevant examples and refine scenarios to reflect current risks participants face today.
How does the NCPC prepare participants for real-world cybersecurity concerns?
The NCPC bridges the gap with critical information learners may not be aware of in their current role, helping them consider alternative angles and aspects of cybersecurity risk. The combination of foundational web modules and live instructor-led sessions ensures participants leave not just informed, but prepared to recognize vulnerabilities and respond effectively when incidents occur.