In a growing era of computer system hacks and ransomware attacks, a state audit says many state employees in Missouri lack cyber security training and awareness. With tens of thousands of state employees using computers with internet access daily, State Auditor Scott Fitzpatrick said it is extremely important for the state to make effective security awareness training a key component of its culture.

“You want to ensure that people are being trained and trained on a recurrent basis with information about the latest risks related to cybersecurity, so that we can reduce the likelihood of having a major data breach or ransomware attack,” Fitzpatrick told Missourinet.

The audit reviewed awareness and training efforts for 34 state government entities that include nearly 52,000 state employees. He said state government has a lot of personal information of citizens and employees.

“The goal is not for it to take a lot of time, it really doesn’t need to take a lot of time, it just make sure that people have the risks kind of at the front of their brain when they’re using their computers, when they’re checking their emails, and they get a suspicious link,” he said.

Fitzpatrick said the rapid advance of technology has made government operate more efficiently, but it increased the risk for data breaches and computer hacks that could disrupt essential services.

“You just want to make sure that people have enough exposure to it on a recurring basis,” Fitzpatrick said. “It doesn’t have to be hours and hours, but have enough exposure to it on a recurring basis that they think twice before they click on a link when they’re opening an email.”

The audit recommends improved oversight for security awareness training, along with the implementation of training and phishing testing.

The complete report can be found here.

Copyright © 2024 · Missourinet