Georgia governor orders new cybersecurity training after crippling attacks

Gov. Brian Kemp. EMILY HANEY / emily.haney@ajc.com

Gov. Brian Kemp. EMILY HANEY / emily.haney@ajc.com

After a spate of crippling cyberattacks targeting Georgia agencies, Gov. Brian Kemp signed an executive order that requires state workers to undergo new training aimed at preventing ransomware attacks.

The Republican's order, signed this week, also bolsters a "state government systems security review board" created in 2015 by adding a slate of additional state leaders and requiring new cybersecurity protocol to defend against online intrusion.

The steps come after hackers demanding a ransom payment hobbled a string of state and local departments, including Georgia’s courts agency and several law enforcement offices.

"It is frustrating, but you also have to be realistic. It's gonna happen. It happens everywhere," Kemp told Channel 2 Action News. "We might as well own it and be as prepared as we can and train our people so we can cut down on the number of instances."

The order requires state staffers to complete a cybersecurity training course within the next three months or face formal disciplinary action that could include losing their job.

The expanded security review board will be led by Anand Balasubramanian, an IT specialist who was appointed as Kemp's new technology adviser. Other members include Georgia Bureau of Investigation director Vic Reynolds and Thomas Carden, the state adjutant general.

The online attacks have struck the Administrative Office of the Courts, the Georgia Emergency Management Agency and the Department of Public Safety. Hackers have also hit local governments, including Henry County and the city of Atlanta.