Local Officials Are Sometimes Exempted from Cybersecurity Awareness Training
While cybersecurity is consistently rated as the top concern by state and local government agencies, nearly a quarter of local government officials and their staff are being allowed to opt out of cybersecurity awareness training, according to a recent survey.
CompTIA Public Technology Institute’s 2021 National Survey of Local Government Cybersecurity and Cloud Initiatives found that 92 percent of respondents said their jurisdiction offers employees cybersecurity awareness training, with 59 percent saying the training is provided on an ongoing basis throughout the year and 34 percent say the training is provided once a year.
However, when asked if elected officials, their staff and senior leadership are exempted from cyber awareness training, 24 percent said yes, which, the report points out, is problematic for several reasons.
“It is important to remember that email addresses and contact information for elected leaders and management are easily available, meaning these officials are prime targets for phishing attempts and probing of government IT systems,” the report notes. “Allowing for exemptions may also set a bad and demoralizing example to others in the organization who are required to follow strict protocols.”