County & Local

Massachusetts launches cybersecurity training program for municipal workers

The 2024 Municipal Cybersecurity Awareness Grant Program provides 78,000 Massachusetts staff with training designed to prevent cyberattacks.

By Sophia Fox-Sowell

January 25, 2024

Democratic Massachusetts Governor Elect Maura Healey celebrates victory and delivers a speech during a watch party at the Copley Plaza hotel on election night in Boston, Massachusetts on November 8, 2022. (Joseph Prezioso / AFP via Getty Images)

On Thursday, Massachusetts announced the state’s 2024 Municipal Cybersecurity Awareness Grant Program, which will provide 78,000 employees from municipalities and public school districts across the state with training designed to prevent cyberattacks.

The program, administered by the state’s Office of Municipal and School Technology, aims to improve cyber preparedness through virtual training, evaluation and threat simulation. After completion, communities will receive licenses for end-user training, assessment and phishing simulation.

“Our administration is committed to partnering with our municipalities to move forward on our shared IT and cybersecurity goals” Massachusetts Gov. Maura Healey said in a statement. “We are thrilled to see so many cities and towns prioritize cyber readiness through the Municipal Cybersecurity Awareness Training Grant Program.”

Like many state and local governments, Massachusetts is no stranger to cyberattacks against its government offices, schools and critical infrastructure.

Last January, a ransomware attack forced a school on Nantucket Island to close. In June, a public high school in Essex County was the target of a cyberattack by a former employee, which damaged the school’s computer network. And in December, a cyber incident crippled the electronic health records system at Anna Jaques Hospital, about 35 miles north of Boston, forcing the hospital to turn away ambulances over the winter holidays.

“Programs like the Municipal Cybersecurity Awareness Grant really move the needle with our municipal workforce, which is where the rubber meets the road on cybersecurity,” Lt. Gov. Kimberley Driscoll said in a statement. “This program, provided at no cost to municipalities or employees taking the training, makes clear that cybersecurity is everyone’s responsibility, whether we have IT in our job titles or not.”

The program offers three training paths for municipal workers — tradition, advanced, and comprehensive — and an training path for public school employees.

Each training program runs from January to December and begins with an initial assessment to measure basic cybersecurity awareness, followed by training modules and simulated phishing email campaigns to familiarize participants with the hacking techniques bad actors commonly use to gain unauthorized access to government systems.

Massachusetts also offers a Free Cybersecurity Health Check Program, the Community Compact IT Grant Program, and the Community Compact Municipal Fiber Grant Program to support government employees cybersecurity awareness and IT modernization efforts.