Cyber Training
for Municipalities
Tailored training for the unique challenges of municipalities
Protect your community
In the face of growing municipal cyberattacks, every stakeholder needs to understand their role in reducing the likelihood and impact of a successful cyber incident. No municipality is too big or small to be targeted, and the results can be devastating – compromise of sensitive citizen data, disruption of critical services, financial loss, reputational damage, and more.
The Catalyst can help — with interactive training sessions tailored for elected officials and leaders, IT professionals, and other municipal staff.
Interactive and experiential
Delivered by cybersecurity experts
Tailored to the unique circumstances of municipalities
Addresses leadership, technical and non-technical learners
Flexible Delivery – provided virtual or in-person
What we offer
- Catalyst Municipal Tabletop Exercises (TTXs) are customized, discussion-based scenarios that closely simulate, from a non-technical lens, how a cybersecurity incident would unfold within your municipality.
- Clarify and modify existing roles and responsibilities during a cybersecurity incident;
- Identify, test and validate existing organizational processes around incident reporting;
- Assess cross-departmental incident response and crisis communication planning;
- Educate executives and department leaders on their responsibilities during a cyberattack.
- For more information on our Catalyst Municipal Tabletop Exercises, click here
- The Catalyst Cyber Range platform is an interactive, simulated representation of an organization’s networks, systems, tools, and applications, connected in a virtual environment. Workshop participants are able to react and respond to cyber events and scenarios inside the virtual environment.
- Immersive and ultra-realistic – Not a gamified experience
- Experiential – Provides hands-on skills training in a safe and realistic environment
- Customizable – Accurately reflects a local environment with common cybersecurity applications, tools and systems
- Flexible – Enables remote or in-person delivery to learners
- For more information on our Catalyst Cyber Range Program, click here
- Catalyst workshops focus on technical or non-technical concepts for a variety of roles across an organization. Discussion-based skills and training sessions are delivered by an expert Catalyst facilitator, and are focused on planning, decision-making and action. Popular topics for municipalities include:
- Incident Response Planning Workshops
- Cybersecurity for Elected Officials
- Resilience & Risk Webinar
To learn more about these programs, please book a call with us
Catalyst Municipal Tabletop Exercises
The Catalyst Municipal Tabletop Exercises (TTX) are a customized, discussion-based activity that simulates a realistic cybersecurity incident. The program focuses on a municipality’s incident response process, allowing municipalities to exercise and assess their incident response plan (IRP) and overall management of a significant cyberattack.
A TTX scenario begins with a simulated inciting incident and then develops through a series of injects
— new information that prompts discussion and decisions from participants.
Why a TTX
This learning environment encourages open dialogue without the pressure of a live threat, enabling municipalities to:
- Practice and assess existing policies, processes, and procedures.
- Identify gaps in incident response planning.
- Proactively enhance municipalities’ resilience against deliberate cyberattacks.
This training is designed to help municipalities meet their mandatory emergency management training requirements under the Emergency Management and Civil Protection Act (EMCPA).
Target Audience: TTXs are for all municipalities, regardless of size, and their teams, from elected officials to IT staff and departmental heads, who want to be more resilient against cyberattacks. It’s designed for anyone who needs to know their exact role and responsibilities during a cybersecurity incident.
Interested in a Catalyst Municipal TTX? Each TTX is customized and tailored to your municipality’s needs, please book a call with us to discuss specific needs and pricing.
Catalyst Municipal Cyber Range Program
The Catalyst Municipal Cyber Range program consists of two cyber range sessions led by an experienced cybersecurity trainer. Learners will be walked through key cybersecurity concepts, with discussion centered around the municipal context, while getting hands-on experience in the Catalyst Cyber Range.
Target Audience: This program is for municipal employees across Canada, including IT professionals and junior cyber professionals. We can accommodate a maximum of 20 participants.
Why Cyber Range
This hands-on environment provides a safe space for your team to build technical skills without the risk of a real threat. It enables you to:
- Think like an attacker to proactively identify weaknesses in your systems and strengthen your defenses.
- Gain practical experience using professional-grade tools to respond to and contain a cyberattack.
- Prepare for a real attack by practicing incident response in a realistic, risk-free setting.
Session Dates:
- Cybersecurity Essentials A
- Date: November 5th, 1:00 – 4:00 PM
- See Scenario Description Below
- Incident Response and Ransomware (IR&R)
- Date: November 19th, 1:00 PM – 4:00 PM
- See Scenario Description Below
Cost: Registration for both sessions is $945 + HST per seat.
Scenario Descriptions
In this scenario participants will go through four modules relating to cybersecurity.
They will start by learning about recon and exploitation using Kali Linux acting like a penetration tester.
Then moving on to Wireshark to do an investigation of digital evidence obtained during a cyber event.
In module 3 a vulnerability assessment is done against a network infrastructure.
Finally in module 4, participants will act like a hacker and attempt to exploit a web application using tools found on Kali Linux.
This scenario replicates an enterprise environment, with a LAN, DMZ and SOC. The Red Team needs to find a vulnerability on the WordPress Server in the DMZ and then find a way to pivot from the DMZ to the LAN. The Blue team needs to monitor Palo Alto, DMZ server and Windows logs from their Splunk console in the SOC to discover alerts and IOCs. They should be able to detect the attackers’ attempt to gain control of the victim’s machine in the LAN via a reverse-shell. Finally, the red team escalates with a ransomware injection which the blue team must detect and respond to.
Resilience & Risk: Cybersecurity Webinar Series for Canadian Municipalities
Join Senior Advisor, Cybersecurity Training and Education from Rogers Cybersecure Catalyst, Randy Purse, and CEO & Founder of TaleCraft, Tim McCreight, for a three-part webinar series designed to equip Canadian municipalities with the knowledge and strategies to build robust and resilient cybersecurity programs. Learn how to identify, prioritize, and manage the risks that matter most to your operations and community services.
Platform: Zoom (Hosted by the Catalyst)
Course Duration: 3 hours (Each webinar is 1 hour)
Speakers
Date: June 26, 2025, 1:00 PM – 2:00 PM ET
Join us for an interactive 1-hour session—the first in a three-part series on municipal cybersecurity resilience—where we’ll explore how Canadian municipalities can clearly identify and understand the risks that truly threaten their operations and services.
This session breaks down cybersecurity risk in plain language that resonates with both leadership and the community, laying the foundation for stronger resilience. We’ll share real-world examples of how a clear grasp of risk has driven successful strategies—and the consequences when it hasn’t.
By the end of this webinar, you will:
- Define “cyber risk” in the context of municipal operations and services.
- Understand how a clear risk definition can guide cybersecurity priorities and resource allocation.
- Recognize common pitfalls in municipal risk assessment and how to avoid them.
- Learn practical steps to begin building a risk-aware culture in your organization.
Date: September 17, 2025, 1:00 PM – 2:00 PM ET
In the second of our three-part series on municipal cybersecurity resilience—we’ll show Canadian municipalities how to apply a risk-based approach to strengthen their cybersecurity programs during a 1-hour interactive session.
Learn how to prioritize defenses against common threats like ransomware, manage supply chain risks, and make the most of limited budgets. We’ll share practical strategies for aligning security efforts with your most critical risks, helping you stay adaptable without overloading your team or resources.
By the end of this webinar, you will:
- Identify current cyber threats to Canadian municipalities (e.g., ransomware) and evaluate them through a risk-based lens.
- Understand the impact of supply chain and third-party risks on municipal cybersecurity and how to address them proactively.
- Learn how to prioritize security initiatives under budget constraints by focusing on high-risk areas.
- Discover how to realign your cybersecurity program around risk priorities to build greater resilience.
Date: November 19, 2025, 1:00 PM – 2:00 PM ET
In the final installment of our three-part series on municipal cybersecurity resilience—we’ll explore how Canadian municipalities can build long-term resilience through continuous improvement.
During the 1-hour interactive session, learn how to test and validate your defenses, assess the maturity of your cybersecurity program, and implement a sustainable improvement process. We’ll introduce maturity assessment tools and Enterprise Security Risk Management (ESRM) principles, showing how municipalities have turned security gaps into strengths. You’ll leave with a clear plan to translate assessment results into meaningful, ongoing action.
By the end of this session, you will:
- Learn practical methods to test and validate your cybersecurity defenses (e.g., through tabletop exercises and simulated incidents).
- Understand how to assess your security program’s maturity using frameworks and ESRM principles to identify gaps and strengths.
- Discover how to establish a continuous improvement process that addresses weaknesses and adapts to new threats over time.
- Gain strategies for maintaining long-term resilience by regularly updating and refining your cybersecurity program.
Randy Purse CD, PhD, CTDP
Senior Advisor, Cybersecurity Training and Education
Tim McCreight
CEO and Founder, TaleCraft Security
Partnerships
Municipal Information System Association
(MISA Ontario)
The Catalyst has partnered with MISA Ontario to bring technical Cyber Range training tailored for municipal IT professionals. The MISA-Cyber Range program is open to anyone across Canada with an interest in Municipal Cybersecurity.
Association of Municipalities of Ontario
(AMO)
The Catalyst has partnered with AMO to provide training for elected officials and municipal staff.
What our clients have to say
“The MISA-Catalyst Cyber Security Essentials workshop offered a hands-on opportunity to use the same tools and techniques as threat actors. I left with valuable insights to take back to my workplace on how to better detect and defend against attacks.”
– Participant, MISA Cyber Range – Beginner Session
“The Cyber Range scenarios were well thought out and interactive. I especially enjoyed switching between the attacker and blue team perspectives and working with logs—it was a great learning experience.”
– Participant, MISA Cyber Range – Beginner Session
“Our participation in the Incident Response Planning Workshop and Tabletop Exercise was enriching and transformative. The sessions provided invaluable insights and practical skills in a supportive and engaging environment.”
– Participant, IRP Workshop & TTX
“Overall, the workshops were well received and helped us clearly distinguish roles and responsibilities. Senior Management was fully engaged, and the sessions made everyone feel part of the same team.”
– Participant, IRP Workshop & TTX
“The Tabletop Exercise was one of the best emergency training scenarios I have ever participated in. It was practical, engaging, and very impactful.”
– Participant, TTX
“The Tabletop Exercise was presented in clear, non-technical language and tailored to a business audience, which made it especially valuable and easy to apply.”
– Participant, TTX
Not sure where to begin? Start here
Join us as we work to strengthen the cybersecurity of municipalities across Canada. Start by downloading our free Cybersecurity Incident Response Plan checklist. Connect with our team to learn more about customized training options for municipal organizations.