CCM
  • Claims
  • Careers
  • CIRMA Members
  • Contact Us
  • About CIRMA
    • Our History
    • Committees
    • Mission Statement
    • Excellence in Risk Management Award
  • Workers' Compensation
    • Workers’ Compensation Program Overview
    • CIRMAcare Medical Care Plan - Provider Search
    • Claims
    • Firefighter Accident Insurance Program
    • Heart & Hypertension Program
    • Risk Management Services
    • Risk Management Tools
    • Workplace Safety Center
    • Request a Quote
  • Liability Auto Property
    • Storm & Hazard Center
    • LAP Coverage Overview
    • LAP Policy Enhancements
    • Builders Risk
    • International Travel Insurance
    • TULIP - Tenant User Coverage
    • Employment Practices Liability Helpline Program
    • Claims
    • Risk Management Services
    • Risk Management Tools
    • Cyber Risks & Alerts
    • Request A Quote
  • Other Services
    • Contract Review
    • Heart & Hypertension Services
    • Fraud Investigation & Subrogation
    • Consultative Services
    • SIS
    • Request a Quote
  • Storm & Hazard Center
    • Summer Maintenance
    • Pre-Season Hurricane Preparations
    • Hurricane Preparations
    • HSB - Boiler & Equipment Maintenance
    • HSB - PREPARE Program
    • HSB - School Energy Efficiency Program
    • HSB - Electrical Assessment Tools
    • Hazard Trees
    • Ash Borer & Gypsy Moth Infestation
    • After a Flood
    • Cold Weather Property Preparation
    • Winter Storms
    • Slip & Fall Prevention
    • Lightning Protection - Fire
    • Lightning Protection-Surge Protectors
    • Sports Safety Heat Stress
  • LAP Coverage Overview
  • LAP Policy Enhancements
  • Builders Risk
  • International Travel Insurance
  • TULIP
  • Employment Practices Helpline Program
  • Claims
  • Risk Management Services
  • Risk Management Tools
  • Cyber Risks & Alerts
  • Request a Quote
  • Training & Education Programs
  • Learning Media Library
  • Publications
  • News & Events
  • Claims

CyberSecurity-MSIsacsHeaderbanner.jpg

Cyber Risks & Alerts

Cyber Incident Reporting

For CIRMA Liability-Auto-Property pool members:

All Cyber Liability incidents should be reported immediately to Cynthia Mancini, LAP Claims Unit Manager at:

  Business: 203-498-3019
  Cell:   203-804-5917 (For After-Hours Emergencies)
  Email:  cmancini@ccm-ct.org

(Additional contact is Cathy Gambrell, Sr. Technical Claim Manager, at 203-946-3750.)

CIRMA's Cyber Security Resources

CIRMA places a comprehensive Cyber Insurance program through an A.M. Best A rated carrier for our Liability-Auto-Property (LAP) Pool Members to help protect them in the event of a cyber event. CIRMA LAP Pool Members have access to liability coverage, forensics investigation and breach management services from best-in-class breach responders with experience in computer forensics, data breach notification, credit and ID monitoring, and legal counsel. View the flyer

CIRMA has also developed a number of risk management resources, including regional training programs and
E-Learning Center training, and cybersecurity whitepaper to help our members manage this risk. CIRMA's Cyber News & Alerts service provides IT departments and municipal and school leaders current cyber alerts from MS-ISAC, the Multi State Information Sharing and Analysis Center and U.S. Homeland Security.  > Click here to SUBSCRIBE to CIRMA's Cyber News and Alerts Today!

CT Cyber Disruption Response Plan

The Cyber Disruption Response Plan will be incorporated as an annex to the State Response Framework, and is a roadmap for state, local, and private sector entities on how and when to report a cyber incident, as well as an outline of emergency response actions to be taken depending on the severity of the disruption and its potential impact on the state and its communities. The CDRP is a companion document to the Cyber Incident Response Plan, which outlines specific technical response actions.
 
The Quick Reference Guide consists of two charts found in the CDRP, and is intended to provide readily available guidance in a fast moving incident.  The Communications Flow Matrix outlines the flow of information in situations that are likely to affect public health, safety, or confidence.   It is recommended that you add contact information for the key partners to whom you would report a cyber incident, including the CT Intelligence Center, which can be reached at CTIC@ct.gov. The Cyber Security Threat Level Matrix is a summary of the five distinct cyber threat levels, and provides general guidance regarding the communication and anticipated response activities for each of the levels. The CDRP provides more detailed response actions for each threat level. 

Cyber Security Response Plan
Cyber Response Quick Response Quick Reference

New Election Security Resources

The Center for Internet Security released A Handbook for Elections Infrastructure Security aimed at providing a tool for both election officials and their technical staff. The handbook is broken into three parts that address the risks to elections infrastructure, the architecture of elections systems, and security best practices and controls. The best practices and controls take into account associated implementation costs and are tiered according to asset class (Device, Process, Software, User), priority (high and medium), and the applicable CIS Control(s). The handbook also provides security best practice examples from state and local organizations, as well as procurement guidance and links to additional security resources. For assistance implementing these recommendations and best practices, CIS provides an Excel worksheet to guide technical staff through the process. 

CYBER SECURITY WEBINARS

CIRMA Cyber Webinar Series:  Session 1 - PHISHING
> Click here to view the WEBINAR 
According to experts, local public entities are often specifically targeted for cyber-attacks due to the vulnerable and open nature of their operations. Cyber-attacks, data theft, ransomware, spoofing, and phishing incidents are escalating in type, number, and creativity -- with cyber criminals exploiting human nature as much as the technical vulnerabilities of hardware and software systems. The CIRMA Cyber Webinar Series will address each of the most common forms of cyber-attacks affecting Connecticut municipalities, beginning with phishing attacks.

CYBERSECURITY RESOURCES & BULLETINS

U.S. Department of Homeland Security - CISA Cyber + Infrastructure

  • CISA Insights - Increased Geopolitical Tensions and Threats - January 8, 2020

New Jersey Cybersecurity & Communications Integration Cell (NJCCIC):

  • NJCCIC website
  • NJCCIC - Alerts and Advisories
  • NJCCIC - Cyber Security Guides
  • NJCCIC - The Weekly Bulletin

Multi-State Information Sharing and Analysis Center (MS-ISAC):

  • MS-ISAC website

Cybersecurity and Infrastructure Security Agency (CISA):

  • CISA Security Tip (ST19-001) - Protecting Against Ransomeware
  • CISA Youtube Channel
  • CISA - National Cyber Awareness System Alerts
CT DESPP/DEMHS and CTIC: 
  • Cyber Incident Reporting - A guide for CT partners
TLP: WHITE
MS-ISAC Cyber Alerts

10-13-20 - Critical Patches Issued for Microsoft Products, October 13, 2020 - PATCH NOW

09-30-20 - Release of CISA/MS-ISAC Ransomware Guide - September 2020

09-14-20 - Critical Patches Issued for Microsoft Products, UPDATED September 14, 2020 - PATCH NOW

09-08-20 - Critical Patches Issued for Microsoft Products, September 8, 2020 - PATCH NOW

09-01-20 - Activity Alert (AA) - Technical Approaches to Uncovering and Remediating Malicious Activity

08-26-20 - CISA Joint Technical Alert (TA) and Malware Analysis Reports (MAR) - North Korean Remote Access Tools

08-12-20 - Critical Patches Issued for Microsoft Products, UPDATED August 12, 2020 - PATCH NOW

08-11-20 - Critical Patches Issued for Microsoft Products, August 11, 2020 - PATCH NOW

 TLP: GREEN Alerts
MS-ISAC Cyber Alerts - Distribution Restricted to CIRMA Members ONLY

To receive the Green Alerts listed below, please email Jacqueline Smith, Marketing & Creative Design Associate, at jsmith@ccm-ct.org

10-21-20 - Malware IPs and Domains Observed by MS-ISAC

10-13-20 - Malware IPs and Domains Observed by MS-ISAC

10-05-20 - Malware IPs and Domains Observed by MS-ISAC

09-28-20 - Malware IPs and Domains Observed by MS-ISAC

09-14-20 - Malware IPs and Domains Observed by MS-ISAC

09-08-20 - Malware IPs and Domains Observed by MS-ISAC

08-27-20 - COVID-19 Worldwide Situation Report - 08-27-20 (Update 126)

08-18-20 - Malware IPs and Domains Observed by MS-ISAC

08-14-20 - COVID-19 Worldwide Situation Report - 08-14-20 (Update 122)

08-10-20 - COVID-19 Worldwide Situation Report - 08-10-20 (Update 121)

08-03-20 - COVID-19 Worldwide Situation Report - 08-03-20 (Update 119)

08-03-20 - Malware IPs and Domains Observed by MS-ISAC

CIRMA Cyber Security Whitepaper

Cyber Security - PDF

E-Learning Center Program
To help address the growing challenge of cyber threats and computer security, CIRMA's updated E-Learning Center now provides two informative high-quality trainings free to CIRMA members:
    1. Computer Security Basics
    2. Cybersecurity Threats to Public Entities

How to get started
Visit CIRMA E-Learning Center to log in and take the courses. CIRMA offers nearly 330 E-Learning training courses on a large variety of topics. Click here to download a current list of available topics. If you are not currently registered, please email your contact information to Martin Connelly at mconnelly@ccm-ct.org or call 203-946-3743.

ManyFacesofCyberCrimes_red.jpg

Download The Many Faces of Cybercrimes (pdf)

ReportingCyberCrimesCTIC_blue.jpgDownload Reporting Cyber Crimes (pdf)






 

  • Site Map
  • Privacy Statement
  • Copyright Statement

 

CONNECTICUT INTERLOCAL RISK MANAGEMENT AGENCY
545 Long Wharf Drive, 8th Floor | New Haven, CT 06511-5950 | 203-946-3700

 

 

Copyright © 2020. Connecticut Interlocal Risk Management Agency. All Rights Reserved.

Website Design: TCC Web Interactive a Division of The Computer Company, Inc.