It was a nightmare scenario: John Smith (name is changed) the director of a mid-size Midwest PSAP (Public-Safety Access Point), got a call in the middle of the night. His IT manager said there was a possible DDoS attack. Workstations and mobile data began to lock up quickly as the attack spread.
John’s first thought: we just invested in a bunch of anti-virus software and bought new, state of the art firewall and hardware solutions. How did this happen?
John’s experience is one faced by PSAP directors around the country and serves as a cautionary tale from a recent article authored by Motorola Solutions: An Introduction to Cybersecurity for the PSAP.
The article argues that too many PSAPs, like John’s, focus solely on software and hardware solutions instead of a comprehensive cybersecurity strategy. While technology is important, so are well-defined processes and fully trained staff. A thorough understanding and implementation of best practices from standards bodies such as APCO, NENA, CJIS, NIST, and others are also critical.
The article serves a high-level guide to help readers implement an end-to-end cybersecurity solution based on the NIST Cybersecurity framework, including technology, processes, and people.
One of the most important aspects of an end-to-end cyber strategy, according to the article, is getting a handle on its overall scope. PSAPs must define the systems and data to protect, looking at systems such as CAD, reporting, and telecom and especially often overlooked systems such as radio, mobile data applications and devices, access control systems, and IIoT devices. Once the full cybersecurity scope is defined, along with a full understanding of risks and threats, cybersecurity processes can be developed and put into place.
Well-run PSAPs closely adhere to a set of standard operating procedures (SOPs). Cybersecurity should be no different. A well-constructed SOP ensures smooth operations, especially during times of crisis, while helping to manage risk and liability. The SOPs also form the foundation for an employee training program, creating a written record that ensures everyone is clear on their responsibilities and roles within the cyber strategy.
Cybersecurity & People
People are the most important element in any cybersecurity strategy. That’s why it’s so important for all employees, not just the IT department, to understand their roles and be able to carry out their responsibilities according to the cyber SOP. Ongoing employee cybersecurity training and testing as well as continuously refreshed risk assessments are critical pieces of the SOP and integral to a successful cybersecurity strategy.
NIST Security Framework
Fortunately, the National Institutes of Standards and Technology (NIST) designed a framework to help agencies create cybersecurity strategies. The NIST Cybersecurity Framework defines the technologies, processes, and people necessary to create a PSAP SOP and provides guidance on five key areas: Identify, Protect, Detect, Respond, and Recover.
For PSAP Director John Smith, and other men and women throughout the country facing the same challenges, a detailed and complete end-to-end cybersecurity solution based on the NIST Framework is the best defense against cyber threats. By integrating technology with processes and people, PSAPs can take a proactive approach to cyber security and will never have to wonder how a devastating breach could have threatened their operations.
Read the full article, An Introduction to Cybersecurity for the PSAP.