Cyber Incident Response Plan Materials for Municipalities

Photo of a group webinar meetingIn 2019, the MassCyberCenter in collaboration with the Cyber Resilient Massachusetts Working Group (CRMWG) developed the Municipal Cybersecurity Toolkit as a first step to help municipal leaders begin to understand the cybersecurity posture of their municipality and develop next steps for protecting municipal infrastructure against cyber threats.

The MassCyberCenter recognized the need to assist the Massachusetts’ 351 municipalities in building their cyber incident response plans; and in October 2019, Governor Baker announced funding for the MassCyberCenter to develop a series of statewide workshops to address that guidance and further strengthen regional collaboration around cybersecurity. 

In 2020, the MassCyberCenter hired Robinson+Cole to develop a series of statewide workshops and provide municipalities with the tools to develop or review their cyber incident response plans. The series of 2, 2-hour workshops was conducted in collaboration with each of the five Homeland Security Regional Advisory Councils (Central, Metro Boston, Northeast, Southeast, and Western) and included attendees from municipality management, information security teams, and first responders.

Information on Why to Build a Cyber Incident Response Plan?


The National Cyber Incident Response Plan establishes that a cyber incident response plan “articulates the roles and responsibilities, capabilities, and coordinating structures that support how a municipality will respond to and recover from cyber incidents”. The MassCyberCenter recommends the best action a municipality can take to improve their cybersecurity resiliency is to develop a cyber incident response plan, because through the planning process cities and towns will: 

  1. Prioritize the assets they need to protect;
  2. Build a cybersecurity team;
  3. Create processes to mitigate vulnerabilities; and
  4. Raise awareness internally about the importance of cybersecurity.

Workshop 1

Workshop 1 introduced the need for cyber incident response plans, provided self-assessment and planning guidance, and gave municipalities the tools and resources they need to create a cyber incident response plan. 

Materials from Workshop 1:

Workshop 2

Workshop 2 pulled together the final details of the cyber incident response planning process, shared best cybersecurity practices for your municipality, and provided an opportunity for you to test your plan. 

Third-Party Vendor Management Webinar

As a follow-up to Workshops 1 and 2, we hosted a webinar on Third-Party Vendor Management. The webinar presented how to identify high risk vendors, tips for monitoring and managing third-party vendors, and the practices municipalities can take when engaging and evaluating third-party vendors.

Contact Us


If you have any questions, please don’t hesitate to email