In response to the growing threat of cyberattacks, Massachusetts Governor Charlie Baker has signed an executive order that will help organizations protect their infrastructure. The new Massachusetts Cyber Incident Response Team (MA-CIRT), overseen by the Secretary of the Executive Office of Technology Services and Security (EOTSS), is designed to provide assistance in the prevention, mitigation, and recovery of cyberattacks. Governor Baker noted in a press release that, “State governments and other organizations across the country are increasingly being targeted by bad actors aiming to disrupt operations and compromise information systems.” He added, “As state governments expand their digital footprints, moving more services online and allowing for a more connected workforce, it’s critical that we make the necessary investments to protect this critical technology infrastructure from acts of terrorism and criminal, organized crime and gang activity.”
A survey conducted in 2021 by Accenture revealed that the number of cyberattacks per company had increased by 31 percent. 80 percent of the surveyed infrastructure executives reported that attempting to stay ahead of hackers was a never-ending battle, and incurring the costs to do so was unsustainable. This increase in cyberattacks is especially concerning for healthcare organizations, which must guarantee patient safety. In order to address the issue, Lt. Governor Karyn Polito announced the Massachusetts Cyber Incident Response Team (MA-CIRT), which was established by the Baker-Polito Administration. The executive order that created MA-CIRT emphasizes the need to be prepared for and coordinate a response, mitigation, and recovery effort in the event of a cyberattack. It also outlines a set of cybersecurity policies to manage the outcome of cyberattacks for state agencies and executive departments such as the Massachusetts Department of Public Health.
The Executive Office of Technology Services and Security (EOTSS) and MA-CIRT will work with the Massachusetts Cyber Center to ensure cybersecurity resilience and facilitate communication and collaboration between state agencies, municipalities, educational institutions, and industry partners. The Secretary of Technology Services and Security, Curt Wood, stated that he is aware of the significance of having leadership support when it comes to rapidly, orderly, and effective responses to any external threats. To emphasize this point, the response team is motivating other governmental entities that are not served by the Executive Office of Technology Services and Security (EOTSS) to make their cybersecurity threats or incidents known to the Commonwealth Security Operations Center. Although this action may not directly affect the healthcare industry, it shows that the government is taking critical infrastructure security more seriously.