IF YOUR PSAP IS HACKED, WHAT ARE THE RISKS – INTERNALLY AND TO CITIZENS?

There have been 184 cyberattacks on public safety agencies and local governments in the past 24 months.

These attacks emphasize how much 9-1-1 Agencies need Emergency Services Grade 24/7 monitoring and 9-1-1 systems management to maintain operations and keep citizens safe. But where do you start?

Start Here

Security Considerations

In light of the cyberattacks on PSAPs, here are some things to think about in your NG9-1-1 security planning. How would your PSAP respond?

What are you most afraid of if your PSAP is hacked?

Many PSAPs look at power, networking, fiber paths, staffing, software failures, hacking. Sadly, the list goes on. They’re all things that fail and things that will hurt when they do. But how do you stack rank them and engage the most critical before the less critical? How can you TELL where to focus first given the realities of time and budget?

Do you patch regularly?

In almost all of the cyberattacks studied in 2016 and 2017, failure to patch - or update - systems regularly was the primary reason hackers were successful. Based on this fact, how sure are you that everything in your environment is patched?

Do you have someone who owns and understands your system ecology top to bottom?

Or do you have multiple vendors – hardware, software, network - all trying to move the solution in slightly different directions? In simple English, two strong arms, two strong legs, a good core… but without a brain to steer, you might not go as far as desired. Dealing with fewer vendors makes it easier for you to understand your risks and what you require.

Are your firewalls protecting you with an intrusion detection solution?

In other words, can the firewall recognize known bad traffic, or are we just hoping for the best?

Is your network fully encrypted – so that all traffic is encrypted?

Imagine if you were a hacker and got in and EVERYTHING was in ciphertext (aka, gobbledygook).

Do the vendors you rely on for security comply with standards?

Or are they making it up based on the fact that they really like XYZ technology / technique? We’ve all seen technical engineers argue back and forth over all the ways to do something. Better to ask for work to be done to a standard.

When you implement NG9-1-1 call routing, will you run a risk assessment to recognize potential threats and then identify the controls you have in place to calculate and mitigate those risks?

Where ARE the vulnerabilities - really? We’re all human, and we tend to engage the parts we understand, but that’s not how the hacker will be looking at your system.

Always Assume...

That bad guys are going to try and hack your systems, which makes it essential to plan accordingly and get help from security experts.

Network & Security Operations Center for Public Safety

Learn why thousands of 9-1-1 Agencies depend on our state-of-the-art security services through our Network Security Operations Center (NSOC), designed exclusively for Public Safety. Our mission is to reduce your risk, save you time and maximize performance of your systems.

For more information, click here.

For assistance in responding to the security considerations above, Contact Us.