May 17, 2021: Following the Ransomware Attack on the Colonial Pipeline, Texas Governor Greg Abbott took action and announced that he was signing a new cybersecurity law that penalizes those who don’t comply with previously enacted cybersecurity training requirements (HB3834). The pipeline attack left 100GB of data ‘locked’ and caused the shutdown of the U.S.’ largest pipeline. It carries 45% of the fuel used on the U.S. East Coast and runs from Texas to the New York Bay Area. This attack along with the increasing numbers of Ransomware Attacks overall has lead many states to pass cybersecurity training requirements in their legislative bodies in recent years as shown in the map above.
State agencies know most data breaches start with human error. Texas has now made it mandatory for government agencies in the state to have annual cybersecurity awareness training or be penalized for noncompliance. Other states, seen above, have mandatory laws requiring users’ cybersecurity awareness training. These states include:
If your state is on this list, it’s vital that your organization works with a company like CyberHoot to ensure that you’re compliant with your state’s cybersecurity training requirements. More importantly, you should comply because your users are desperate for guidance on how to spot and avoid phishing attacks, to learn why password managers are so important for password hygiene, and how to protect the Personally Identifiable Information (PII) entrusted to them in their public roles and capacities.
Your organization must take action to secure your systems, users, and data. 45% of public entities have been attacked with Ransomware in recent years. The stakes are simply too high now not to take proactive measures given what’s happening across the US to public entities and ransomware.
It’s vital that cybersecurity awareness training become a part of your organization’s security program. Training and testing your users can only help improve your organizational security posture, as CyberHoot’s Co-Founder Craig Taylor said, “Productivity, Security, and Confidence come from Cybersecurity awareness training and testing“. The following actions can be taken by your organization to ensure that you’re providing top-notch services to your users when for cybersecurity awareness training: