Through a new grant program, Massachusetts will train 50,000 employees from 177 municipalities and public school districts with cybersecurity training to better detect and avoid cyber threats.
The 2023 Municipal Cybersecurity Awareness Grant Program is designed to support local government efforts to improve overall cybersecurity posture through comprehensive online end-user training, evaluation, and threat simulation.
The program is administered by the Executive Office of Technology Services and Security and its Office of Municipal and School Technology and funded via $250,000 in capital IT authorizations from the 2022 General Governmental Bond Bill.
According to Gov. Maura Healey’s office, awarded communities will receive licenses for end-user training, assessment, and phishing simulation procured by the Executive Office of Technology Services and Security. Her office also noted that “demonstrated buy-in” from the chief executive in the community is a requirement of all program participants. The training is offered at no cost to participating organizations.
“Our administration is committed to providing communities across Massachusetts with the resources they need to defend their technology against potential cyber threats,” said Gov. Healey. “We are thrilled to see municipal leaders from across the Commonwealth prioritize cybersecurity by providing this vital training to their employees. Our administration will continue to advocate for resources to further support our partners in municipal government to meet the needs of the constituents they serve.”
At the start of the program, participants will undergo an initial cyber strength assessment to measure baseline cybersecurity awareness. After that assessment, participants will undergo periodic assessments consisting of training modules and simulated phishing email campaigns to help participants build good cyber hygiene habits to increase awareness of deceptive techniques used by bad actors to gain unauthorized access to government systems. At the end of the program, participants complete a final cyber strength assessment to measure their progress.
“Building good cybersecurity habits doesn’t require a technical background and is important for all employees in the digital era,” said Lt. Gov. Kimberley Driscoll. “The Municipal Cybersecurity Awareness Grant Program is an important resource for the Commonwealth’s municipalities, is provided at no cost, and is crafted to fit into the hectic and busy schedules that municipal officials, teachers, and administrative staff have.”
Program participants also receive quarterly threat briefings and weekly newsletters with cybersecurity best practices and program updates provided by the Office of Municipal and School Technology. Municipal information technology officials also receive monthly summary progress reports that detail the number of employees that inadvertently clicked on malicious links contained in the simulated phishing emails, which Gov. Healey’s office says offers “important visibility on the threat landscape.”
“This grant program is a critical component to ensuring that our local government technology is resilient, secure, and remains accessible to the constituents we serve,” said Secretary of Technology Services and Security Jason Snyder. “Municipal officials from across the Commonwealth are demonstrating their leadership on cybersecurity by participating in this important program and I thank them for their partnership in this initiative.”