Skip to content

Illustration by Security Management

Georgia Mandates Ransomware Training for State Employees

Georgia Governor Brian Kemp signed an executive order mandating state workers complete training to prevent ransomware attacks.

Kemp’s order comes after malicious actors hit Atlanta, Georgia’s courts agency, and law enforcement offices with ransomware. The Atlanta incident alone cost the city at least $2.6 million to recover from; the perpetrators demanded just $52,000 to decrypt its systems.

“It is frustrating, but you also have to be realistic. It’s gonna happen. It happens everywhere,” said Kemp in an interview with Channel 2 Action News. “We might as well own it and be as prepared as we can and train our people so we can cut down on the number of instances.”

The Georgia Technology Authority will submit materials that the state’s Government Systems Security Review Board will then use to create the ransomware training. Employees will then be trained at least twice per year on that material, according to State Scoop.

In addition to required training, the executive order also provides more support for the review board by adding state leaders and creating new cybersecurity protocols to protect against cyber intrusions, according to the Atlanta Journal-Constitution.

State and local governments are increasingly facing ransomware attacks. In July 2019, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued a memo encouraging local officials to take “immediate action” to prevent attacks.

“The growing number of such attacks highlights the critical importance of making cyber preparedness a priority and taking the necessary steps to secure our networks against adversaries,” the memo said.

Security Management will take an in-depth look at this trend in its September issue of the magazine.