IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Massachusetts Seeks to Boost Municipal Cyber-Resiliency

The commonwealth's new program, which is backed by state funding, will help communities develop effective cyber-response plans. Local governments, as well as states, often lack such concrete planning.

A new state program in Massachusetts is strengthening the cyber-resiliency of its 351 municipalities, heading off the ever-increasing threat of hackers.

The program, which was announced last week at the state's third annual Cybersecurity Forum, will sponsor a series of workshops to assist communities in developing or improving their cyberincident response plans. 

Such response plans — seen by defense experts as a key to containing and mitigating threats — are woefully lacking in not just state and local governments, but state governments as well.   

$300,000 in funding from the state's MassCyberCenter at MassTech Collaborative, a quasi-governmental entity that was created to stimulate economic development around cybersecurity, made it possible.

Stephanie Helm, the director of the MassCyberCenter, said in an interview with Government Technology that the program would hopefully help communities think about key security issues and vulnerabilities. 

"Over the course of making a plan, you start to address a lot of problems," Helm said.

Issues like clarifying keys areas of network protection, prioritizing certain response steps, and setting up lines of emergency communication, can all be confronted during planning development, she added. 

Helm, who is a former U.S. Navy Captain with significant experience in information operations and cyberwarfare, said that more than half of the state's municipalities may not currently have a plan. "Every city and town is responsible for their own IT and their own cybersecurity. Some are better prepared than others," Helm said. "A lot of these towns don't even have an IT department, or even an IT guy." 

With that shortage of manpower and expertise, developing a response plan is all the more important.  

According to Helm, the upcoming program will likely consist of two workshops: the first will focus on helping communities develop or improve their plans; the second will take place some months later, and will focus on the communities' progress in developing them. Each workshop will be run five times — once in each distinct geographical region of the state — to optimize participation. 

Helm said she hoped the program would also inspire collaboration and communication between different communities on issues of defense and security.    

"I think it's important that [municipalities] all know who their neighbors are," she said. "They can work on their own individual plans, but then [we hope] that when they meet their neighbor we hope that helps facilitate [information sharing and collaboration] if there's ever problems."   

At last week's forum, Massachusetts Gov. Charlie Baker commended the program as a step in the right direction. 

"We are pleased to provide these new educational opportunities to guide cities and towns as they build a team, prioritize critical assets and close any gaps that exist in order to develop plans to combat cybersecurity threats,” Baker said. 

Lucas Ropek is a former staff writer for Government Technology.