Memorandum  Memo #27: Free State-sponsored Cybersecurity Training

M E M O R A N D U M

TO:                  Retirement Board Administrators and Staff

FROM:            John W. Parsons, Esq. Executive Director

RE:                  Free State-sponsored Cybersecurity Training

DATE:            October 21, 2022

We are pleased to make available to retirement board administrators and staff a free cybersecurity training offered by the state’s Executive Office of Technology Services and Security (EOTSS).

The program is called the Municipal Cybersecurity Awareness Grant Program. There is an optional informational webinar scheduled for Tuesday, October 25^th. Applications will close when all available spaces have been taken or December 31^st, whichever occurs first, so EOTSS encourages applications to be filed as soon as possible. More information, webinar registration and the application are all available at the above link.

The training has three scheduling options: full-year, January-May, or September-December. EOTSS recommends the full-year training as cybersecurity is an ongoing and ever-changing issue and it will keep things fresh for users. The shorter trainings were set up with schools in mind. The full-year training involves end users taking an initial assessment. Then roughly each quarter there is a package of four training modules assigned which total about 40 minutes. Throughout the year there will be eight phishing campaigns where simulated fraudulent emails will attempt to hook users in. At the end of the year, there will be another assessment to illustrate what has been learned. The partial-year courses will comprise of half of the full-year course with an initial assessment, two packages of four training modules, four phishing campaigns and a final assessment.

Each participant must have an email address tied to the retirement board’s web domain. It can’t be a Gmail or Yahoo email account, it needs to be for example @prescottretirementboard.com, @town.enfield.ma.us, @greenwich-ma.gov or any of the many other variations. Also, each participating retirement board needs to designate a contact/local coordinator who will attend a training session and act as the point person for this program. It is estimated this may take 30-60 minutes per week.

This is the fourth year of the Municipal Cybersecurity Awareness Training program. It has been well received and many agencies are repeat customers as the materials change. Thanks to the leadership of EOTSS Secretary Curt Wood, retirement board staff have been added to the eligible participants upon PERAC’s request. Upon completion of this year’s training, we will evaluate attempting to offer this to board members.

For further information or any questions email cyberawarenessgrant@mass.gov.

Philip Y Brown, Esq., Chair
Auditor Suzanne M. Bump, Vice Chair
Kathleen M. Fallon
Kate Fitzpatrick
James J. Guido
Richard MacKinnon, Jr. 
Jennifer F. Sullivan, Esq.