Outgoing Massachusetts Gov. Charlie Baker signed an executive order establishing the Massachusetts Cyber Incident Response Team (MA-CIRT).
According to the governor’s office, the team will be led by the Secretary of the Executive Office of Technology Services and Security (EOTSS). MA-CIRT is established with the mission of “enhancing the commonwealth’s ability to prepare for, respond to, mitigate against, and recover from significant cybersecurity threats.”
“State governments and other organizations across the country are increasingly being targeted by bad actors aiming to disrupt operations and compromise information systems,” said Governor Charlie Baker. “This executive order will further strengthen the commonwealth’s policies, procedures, and resources required to prevent potential threats and appropriately respond to attacks on government infrastructure and services. As state governments expand their digital footprints, moving more services online and allowing for a more connected workforce, it’s critical that we make the necessary investments to protect this critical technology infrastructure from acts of terrorism and criminal, organized crime and gang activity.”
MA-CIRT will bring together cybersecurity and public safety experts from across state government, including representatives from the EOTSS, the Commonwealth Security Operations Center, the Executive Office of Public Safety and Security, the Commonwealth Fusion Center, the Massachusetts State Police Cyber Crime Unit, the Massachusetts National Guard, and the Massachusetts Emergency Management Agency.
The order focuses on the need for preparing for and marshaling a coordinated response, mitigation, and recovery effort from significant cybersecurity threats. Additionally, the order requires:
- MA-CIRT to review cybersecurity threat information and vulnerabilities to make informed recommendations and establish appropriate policies to manage the risk of cyber incidents for executive department agencies and all other state agencies served by EOTSS.
- MA-CIRT to develop and maintain an up-to-date Cyber Incident Response Plan. The plan is required to be submitted annually to the Governor for review and approval.
- The routine exchange of information related to cybersecurity threats and reported incidents between the Commonwealth Fusion Center and the Commonwealth Security Operations Center.
- EOTSS and MA-CIRT to consult with the Massachusetts Cyber Center and assist the Center with efforts to foster cybersecurity resiliency through communications, collaboration, and outreach to state agencies, municipalities, educational institutions, and industry partners.
- Executive department agencies are to comply with protocols and procedures established by MA-CIRT and all related policies, standards, and Administrative Directives issued by EOTSS.
- Commonwealth executive department agencies and other state agencies served by EOTSS to identify and report significant cybersecurity incidents and coordinate efforts to mitigate and prevent further damage from cyber incidents.
- Requires all executive department personnel to annually complete the EOTSS-approved security awareness training program administered by the Human Resources Division.
The executive order also strongly encourages other governmental entities throughout the commonwealth not served by EOTSS to report cybersecurity threats or incidents to the Commonwealth Security Operations Center.
The new cyber response team is funded by the State and Local Cybersecurity Grant Program, which was part of the 2021 Infrastructure Investment and Jobs Act.