Skip to Main Content
  • Mass.gov
  • Contact
Office of the Comptroller
Office of the Comptroller
  • Key Documents
    • Fiscal Year Memos
    • Policies
    • Forms
    • Regulations
    • Expenditure Classification Handbook
    • Revenue Handbook
    • Statewide Key Contact Lists
    • Statewide Contracts
  • Resources for Departments
    • Information for New Department Heads
    • Information for Chief Fiscal Officers
    • Information Delivery / Reporting / Commonwealth Information Warehouse (CIW)
    • Federal Grants and Cost Allocation
      • Statewide Cost Allocation Plan (SWCAP)
    • Internal Controls
      • Whistleblowers
    • MMARS Topics
      • Budgets and Account Management
      • Capital (Fixed) Assets
      • Chargebacks
      • Contracts
      • Interdepartmental Service Agreements
    • Non-Tax Revenue
      • Intercept
    • Payments
      • Settlements and Judgments
    • Statewide Payroll
      • Payroll Information
      • HR/CMS Information
      • HR/CMS User Group
  • Reports and Publications
    • Financial Reports
      • Annual Comprehensive Financial Reports
      • Statutory Basis Financial Reports (SBFR)
      • Statewide Single Audit
      • Commonwealth Actuarial Valuations
      • Fiscal Year Budgetary Reports
      • GAAP Guidance
      • GASB 68 Reports
      • GASB 75 REPORTS
      • Commonwealth Employees
      • Cities and Towns
    • Legislatively Mandated Reports
      • Commonwealth Component Units and Other Entities
      • Commonwealth of Massachusetts Tax and Non-Tax Revenue
      • Commonwealth Stabilization (“Rainy Day”) Fund
      • Federal Grants Reports
      • Liability Management and Reduction Fund
      • MBTA Certifications
      • Miscellaneous Reports
      • Prior Year Deficiencies
      • Settlements and Judgments Transparency Reports
      • State Tax Revenues – Chapter 62F
      • Tobacco Settlement Certifications
      • Transfer Schedules
  • CTR Cyber
    • CTR Cyber Home
    • The CTR Cyber 5
    • Cybersecurity Responsibilities
    • Report Cyber Incidents, Suspicious Activity, and Fraud
    • Cyber Preparedness and Remediation – Statewide Contractors
    • Cyber Awareness Training
  • CTHRU
  • CTR Announcements
  • About
    • Comptroller William McNamara
    • Comptroller Advisory Board
    • Job Opportunities
Mass.gov Contact

CTR Cyber

The Office of the Comptroller has developed CTR Cyber to identify key cybersecurity internal controls for Commonwealth of Massachusetts departments, and to promote cybersecurity awareness and cyber vigilance for everyone in these organizations. With increasingly sophisticated cyber attacks, everyone has a role and responsibility to help prevent disruptions and theft of Commonwealth data and resources through cyber fraud, phishing, malware, and social engineering attacks.

cybersecurity tip of the week

Cybersecurity Tips and Alerts

CTR posts weekly Cybersecurity Tips and Alerts. Please share these updates with co-workers, especially those who continue to work remotely.

VIEW ALERTS
CTR Cyber 5

CTR Cyber 5

We are pleased to launch The Cyber 5, a series of short videos featuring cybersecurity experts from the public and private sectors.

WATCH THE CYBER 5
A stylized image of binary code

Cybersecurity Responsibilities for Leadership and Managers

Management is responsible for ensuring that cybersecurity internal controls are in place and tested to prevent losses and disruption from cyber incidents.

VISIT PAGE
An image of a user holding a mobile phone

Report Cyber Incidents, Suspicious Activity, and Fraud

Best practices for staff when they suspect a suspicious email or potential security or fraud incident.

REPORT
A stylized rendering of a circuit board

Cyber Preparedness and Remediation Vendors

Pre-screened cyber and data security vendors are available to Commonwealth of Massachusetts agencies and municipal governments.

VISIT PAGE
A remote work station

Cyber Awareness Training

Employees are the first line of defense against a cyberattack. These resources will help improve cybersecurity literacy among all employees.

VISIT PAGE

The Commonwealth of Massachusetts averages 525 million pings a day from bad actors.

Cybercriminals will steal money, change or destroy information, or even hold it for ransom, seeking to victimize state agencies.

The two easiest ways for an attacker to get into your network are via phishing emails and breached passwords.

Cybersecurity Tips and Alerts

Fiscal Year Memo header image
Cybersecurity May 16, 2022

FY2022-22: Department Head Annual Review and Approval of Statewide Enterprise Systems

Learn More
cybersecurity tip of the week
Cybersecurity May 10, 2022

Are your cybersecurity internal controls up to date?

Learn More
cybersecurity tip of the week
Cybersecurity May 3, 2022

Don’t fall for prompt bombing

Learn More

Resources for Employees

Cyber, Information Security, and Privacy News and Events

Keeping you up-to-date on all things cyber, information security, and privacy.

VIEW ON MASS.GOV
Center for Internet Security

Daily Tips

VIEW ON CISECURITY.ORG
An image of the "Fraud Prevention: Everyone's Job" brochure

Fraud Prevention: Everyone's Job

A brochure published by the Office of the Comptroller which includes tips for government agencies to fight fraud, waste, and abuse of public funds.

DOWNLOAD PDF

Resources for IT and Security Staff

Massachusetts Division of Banks - Real-time cyber threat information

IT staff can sign up to receive real-time cyber threat information critical cyber alerts for updates, patches, and other vulnerabilities.

VIEW ON MASS.GOV
U.S. Department of Homeland Security - National Cyber Awareness System Alerts

Subscribe to CISA alerts, tips, and other updates.

VISIT US-CERT.CISA.GOV
Multi-State Information Sharing and Analysis Center (MS-ISAC)

Real-time network monitoring, early cyber threat warnings, and other advisories.

VISIT CISECURITY.ORG

Related Links

Internal Controls

The Comptroller is responsible for developing internal control guidelines for Commonwealth of Massachusetts departments.

VISIT PAGE

Internal Control Guide

This guide will assist departments in designing, documenting, and implementing internal controls and provides the structure departments must use when writing and updating their Internal Control Plans.

DOWNLOAD PDF

Statewide Learning

Learning Management System for Statewide Learning, including risk management and fraud prevention trainings.

VISIT ON CTR INTRANET
  • CTR Intranet
  • PowerDMS
  • CTHRU
  • HR/CMS Knowledge Center
  • CTR Solution Desk
Office of the Comptroller
William McNamara

Comptroller of the Commonwealth
One Ashburton Place, 9th Floor
Boston, MA 02108

©2022 Office of the Comptroller of the Commonwealth   |   Privacy Policy

For your protection, please do not email personal information (e.g. Social Security Number, Bank Account Number, Passwords).

Website Design by Jackrabbit

617-727-5000[email protected]