The National Cyber Incident Response Plan establishes that a cyber incident response plan “articulates the roles and responsibilities, capabilities, and coordinating structures that support how a municipality will respond to and recover from cyber incidents”. The MassCyberCenter recommends the best action a municipality can take to improve their cybersecurity resiliency is to develop a cyber incident response plan, because through the planning process cities and towns will:
Workshop 1 introduced the need for cyber incident response plans, provided self-assessment and planning guidance, and gave municipalities the tools and resources they need to create a cyber incident response plan.
Materials from Workshop 1:
Workshop 2 pulled together the final details of the cyber incident response planning process, shared best cybersecurity practices for your municipality, and provided an opportunity for you to test your plan.
As a follow-up to Workshops 1 and 2, we hosted a webinar on Third-Party Vendor Management. The webinar presented how to identify high risk vendors, tips for monitoring and managing third-party vendors, and the practices municipalities can take when engaging and evaluating third-party vendors.