Courts across the country are taking concrete steps to strengthen cybersecurity preparedness following a series of regional workshops led by the National Center for State Courts (NCSC).
Over 19 months, the workshops brought together about 250 participants from state, appellate, and local courts in 37 states and four territories, helping teams test incident response plans, identify operational gaps, and prepare for cyber incidents and other disruptions.
The workshops underscored a central lesson: cybersecurity is more than an IT function.
“These workshops gave courts time to bring the right people together, practice their response, identify gaps, and build the relationships they will need during a real event,” said Shay Cleary, an NCSC principal court management consultant and lead facilitator.
Effective readiness relies on coordinated planning across the enterprise, including judicial officers, court administrators, technology and security staff, public information officers, emergency managers, and legal counsel.
“The regional cybersecurity workshop was of such great value that I later replicated this at my local trial court with the participation of all key stakeholders,” recalled Robert Adelardi, chief information officer in Miami’s 11th Judicial Circuit of Florida. “Our organization is now in a much better position to handle court business interruptions caused by similar events.”
Jannet Okazaki, an NCSC principal court management consultant and co-facilitator, said participants left the workshops with practical strategies they can apply immediately. Courts are now actively recruiting additional cybersecurity staff, reusing tabletop exercises, and using the workshops as inspiration for broader cybersecurity initiatives, she said.
Cleary and Okazaki offer a few recommendations to help courts reduce risk and improve response before an incident occurs:
• Engage court leadership in cybersecurity planning.
• Establish or validate an incident response plan.
• Adopt a recognized cybersecurity controls framework such as the CIS Critical Security Controls.
• Conduct regular tabletop exercises.
• Strengthen communication protocols.
• Use national guidance and peer networks to support ongoing improvement.
Developed with the Joint Technology Committee and supported by a State Justice Institute grant, the initiative drew on expertise from the Center for Internet Security (CIS), the Court Information Technology Officers Consortium (CITOC), and the National Emergency Management Association.
Committed to promoting safe and secure courts as part of its strategic priorities, NCSC continues to offer tabletop training and technical assistance to courts seeking to improve their cyber response capabilities. Courts looking to strengthen planning, practice, and recovery efforts can visit NCSC’s cybersecurity resources at ncsc.org/cyber to discover more services, resources, and expertise.
Over 19 months, the workshops brought together about 250 participants from state, appellate, and local courts in 37 states and four territories, helping teams test incident response plans, identify operational gaps, and prepare for cyber incidents and other disruptions.
The workshops underscored a central lesson: cybersecurity is more than an IT function.
“These workshops gave courts time to bring the right people together, practice their response, identify gaps, and build the relationships they will need during a real event,” said Shay Cleary, an NCSC principal court management consultant and lead facilitator.
Effective readiness relies on coordinated planning across the enterprise, including judicial officers, court administrators, technology and security staff, public information officers, emergency managers, and legal counsel.
“The regional cybersecurity workshop was of such great value that I later replicated this at my local trial court with the participation of all key stakeholders,” recalled Robert Adelardi, chief information officer in Miami’s 11th Judicial Circuit of Florida. “Our organization is now in a much better position to handle court business interruptions caused by similar events.”
Jannet Okazaki, an NCSC principal court management consultant and co-facilitator, said participants left the workshops with practical strategies they can apply immediately. Courts are now actively recruiting additional cybersecurity staff, reusing tabletop exercises, and using the workshops as inspiration for broader cybersecurity initiatives, she said.
Cleary and Okazaki offer a few recommendations to help courts reduce risk and improve response before an incident occurs:
• Engage court leadership in cybersecurity planning.
• Establish or validate an incident response plan.
• Adopt a recognized cybersecurity controls framework such as the CIS Critical Security Controls.
• Conduct regular tabletop exercises.
• Strengthen communication protocols.
• Use national guidance and peer networks to support ongoing improvement.
Developed with the Joint Technology Committee and supported by a State Justice Institute grant, the initiative drew on expertise from the Center for Internet Security (CIS), the Court Information Technology Officers Consortium (CITOC), and the National Emergency Management Association.
Committed to promoting safe and secure courts as part of its strategic priorities, NCSC continues to offer tabletop training and technical assistance to courts seeking to improve their cyber response capabilities. Courts looking to strengthen planning, practice, and recovery efforts can visit NCSC’s cybersecurity resources at ncsc.org/cyber to discover more services, resources, and expertise.
