Berea adopts cybersecurity plan: Community Voices

Berea adopts cybersecurity plan: Community Voices

https://www.cleveland.com/community/2026/01/berea-adopts-cybersecurity-plan-community-voices.html

Publish Date: 2026-01-19 14:19:00

Source Domain: www.cleveland.com

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points. BEREA, Ohio – The City has created and put in place a policy that deals with potential cybersecurity threats.The policy was mandated by the State of Ohio. The Ohio Legislature adopted new requirements for local governments in September 2025. The cybersecurity plans had to be in place by Dec. 31. Berea City Council approved the plan on Dec. 14. The state also requires that any cyber incidents be reported to Ohio Homeland Security and to the state auditor. Any decision to pay a ransomware demand must be voted on by City Council in a public meeting.The plan “puts precautions in place so we’re not vulnerable to attack,” said Law Director Barbara Jones. The threats might include ransomware, phishing, social engineering and data breaches. She said City e-mail already has a firewall in place.The cybersecurity plan was written by an IT consultant and runs to around 200 pages. Jones said the security plan is not a public record, but the state did require that six elements be included.Those components are:• Identify and address the critical functions and cybersecurity risks of the City• Identify the potential impacts of a cybersecurity breach• Specify mechanisms to detect potential threats and cybersecurity events• Specify procedures for the City to establish communication channels, analyze incidents and take actions to contain cybersecurity incidents• Establish procedures for the repair of infrastructure impacted by a cybersecurity incident and the maintenance of security after the incident• Establish cybersecurity training requirements for all employees, the frequency, duration and detail of which shall correspond to the duties of each employee.Annual training can be provided by the state and the Ohio Persistent Cyber Initiative program of the Ohio Cyber Range Institute. That training can include online, hybrid and in-person training tailored to the City’s needs. It is funded by the State and Local Cybersecurity Grant Program. State guidelines state: “Political subdivisions should adopt a cybersecurity program that is tailored to the unique environment/needs of their entity. There is no one-size-fits-all template or policy that will be effective for everyone.”A City Council resolution directing Mayor Cyril Kleem to implement cybersecurity measures stated, “Local governments have increasingly become targets for cybercriminals, as they can be vulnerable because of limited cybersecurity budgets, outdated systems and a range of accessible electronic and digital services.”The City said data breaches can potentially disrupt City services, expose personal and financial information and incur significant costs. The new cybersecurity plan is aligned with industry best practices.