As cyberattacks against state and local governments rise, the state of Maryland has hosted a statewide cybersecurity tabletop exercise. The exercise was hosted by the Maryland Department of Emergency Management (MDEM), in coordination with all cabinet-level agencies, and enabled critical partners to discuss plans, policies, and procedures in order to identify and address potential vulnerabilities or issues in preparation for a cybersecurity incident.
In a press release, the state noted that participants focused on interagency collaboration and coordination in preparing for and responding to a cybersecurity incident during the exercise.
“These tabletop exercises are another prime example of our administration’s efforts to coordinate cybersecurity preparedness and response across the entire state,” said Maryland Lt. Governor Boyd Rutherford, who took part in the exercise. “The importance of exercises of this nature and the collaboration between all of the participants cannot be overstated.”
During the exercise, held Oct. 27, attendees worked through a scenario that simulated a real-life cyber incident and tested the plans and processes of state organizations. The scenario was developed by the state chief information security officer (SCISO), state chief data officer, state chief privacy officer, and exercise planners from MDEM.
“It’s hard to overemphasize the value of conducting collaborative statewide practical exercises like the one we conducted today,” said Maryland SCISO Chip Stewart. “By bringing representatives from each of the Governor’s cabinet agencies, we have an opportunity to identify gaps and improve our response processes before a real cyber incident.”
Alongside the tabletop exercise, the Maryland Department of Labor announced that funding from the Employment Advancement Right Now (EARN) Maryland program will be used to provide cybersecurity training to state employees.
“EARN Maryland has been nationally-recognized for its industry-driven approach, which has proven successful in cultivating a highly-skilled workforce for the private sector,” said Labor Sec. Tiffany P. Robinson. “But given the ever-evolving cybersecurity threat to our state government, I am pleased we are able to invest in the training and upskilling of our own cyber workforce with these funds.”
The Maryland Department of Information Technology (DoIT) will partner with the Baltimore Cyber Range, an EARN grantee, to provide training for 100 state employees.
“We welcome the opportunity to equip the information technology staff throughout State agencies with the training, the skills, and the expertise to address today’s cyber threats and protect against tomorrow’s cybersecurity challenges,” said Baltimore Cyber’s Chairman Bruce Spector. “Our training ensures that Information Technology teams are prepared to detect, mitigate, and remediate current and future attacks in a timely and cost-effective manner. We appreciate Governor Hogan’s investment in training those on the front lines of cybersecurity in our state.”