Key Takeaways:
- The City of Berea, Ohio has implemented a cybersecurity policy to address potential threats, as mandated by the State of Ohio.
- The policy includes six key elements, such as identifying critical functions and risks, detecting potential threats, and establishing procedures for incident response and training.
- The city is required to report any cyber incidents to Ohio Homeland Security and the state auditor, and any decision to pay a ransomware demand must be voted on by City Council in a public meeting.
- The cybersecurity plan is not a public record, but the city is committed to providing annual training for all employees to ensure they are equipped to handle cybersecurity threats.
- The state provides funding and resources for cybersecurity training and support through the State and Local Cybersecurity Grant Program and the Ohio Persistent Cyber Initiative program.
Introduction to Cybersecurity Policy
The City of Berea, Ohio has taken a significant step in protecting itself against potential cybersecurity threats by creating and implementing a comprehensive cybersecurity policy. This policy was mandated by the State of Ohio, which adopted new requirements for local governments in September 2025. The city was required to have its cybersecurity plan in place by December 31, and the Bere
SignUpSignUp form