Kemp orders cybersecurity training for nearly all state workers after cyberattacks

Kemp orders cybersecurity training for nearly all state workers after cyberattacks

ATLANTA — Georgia Gov. Brian Kemp is bringing in some big guns to help fight the growing number of cyberattacks on state agencies.

Kemp ordered cybersecurity training twice a year for nearly all state workers. It's all part of an executive order he just signed.

Channel 2 investigative reporter Aaron Diamant spoke with the governor one on one Wednesday at the state Capitol.

Content Continues Below

"Clearly, state agencies are being targeted," Kemp said. "We've got to be more aggressive in defending against that."

The directive comes after three critical state agencies got hit by ransomware attacks within the last six weeks.

The Administrative Office of the Courts, the Georgia State Patrol and the Georgia Emergency Management Agency are still feeling the fallout after workers clicked on links or opened emails they shouldn't have.


"It is frustrating, but you also have to be realistic. It's gonna happen. It happens everywhere. We might as well own it and be as prepared as we can and train our people so we can cut down on the number of instances," Kemp said.

Kemp's order also beefs up of the "state government systems security review board," created by Gov. Nathan Deal in 2015.

Members will work to identify cybersecurity risks within each state agency and find ways to reduce those risks.

The beefed-up board now includes the state's top military leader, adjutant general Thomas Carden; Georgia's top cop, GBI Director Vic Reynolds; GEMA Director Homer Bryson; and the state's chief information security officer, David Allen.

"This is all hands on deck. We're in mission critical here, and I think the governor's recognized that it's going to take a group effort and some serious people who are involved in this kind of thing," Georgia State University cybersecurity researcher Don Hunt said.

While Hunt called ongoing training for state workers a good start, he said: "It really needs to be front and center. It's not just the training, it's the culture. You've got to have that culture of awareness."

The head of the Georgia Cyber Center will also be on the cybersecurity board. Kemp's newly hired technology adviser will serve as the chairman.

The order requires state workers to complete at least one form of cybersecurity training within the next three months. Those who don't will face disciplinary action.