Your public safety mission depends on the security and availability of your Computer-Aided Dispatch (CAD) system. It’s ultimately the foundation for telecommunicators to perform life-saving tasks — prioritizing and recording incoming calls, sending emergency personnel where they are most needed and tracking responder location and status. All of your critical operations could come to a screeching halt, though, if a cyberattacker sneaks past your dispatch center defenses.
Despite being engineered for security, CAD workstations and servers are increasingly targeted by cyber criminals and other threat actors. Some are driven by political or ideological motivations looking to create chaos by disrupting 9-1-1 dispatch and other public safety services. Others are criminal organizations looking for financial gain. They may threaten to publish stolen information unless they’re paid a ransom, or use a ransomware attack to lock your systems, rendering them unusable. Some attacks are purely opportunistic as cybercriminals look for any unprotected endpoint they can exploit to get a foothold in your network.
How Can Cyber Threats Impact CAD Systems?
At Motorola Solutions, we continue to make substantial investments in securing the infrastructure used in CAD systems. Although our CAD systems have been carefully designed and thoughtfully deployed with security as a top priority, they connect to a variety of complex complementary systems. These systems, while providing important capabilities and automations to your operations, also contribute to the overall system’s vulnerability.
For example, your agency’s CAD workstations often serve multiple purposes for your personnel, like checking email, browsing the web and other day-to-day tasks. As a result, they provide a window for your CAD to be taken offline by ransomware attacks that target CAD systems and their surrounding infrastructure.
Since CAD workstations are often on the IT network, if other IT infrastructure is compromised, the reaction is often to shut down the network immediately. In doing so, CAD systems are taken offline. So protecting the IT workstations adjacent to and connected CAD systems is important as well.
In addition, many hosted services are also integrated with other agency-owned and/or on-premises equipment. Without additional security controls, these third-party integrations can place your systems at risk, no matter how inherently secure the mission-critical system may be.
Even if your agency or local government is fortunate enough to have an in-house IT and security team, it is a complex environment with dozens of security tools to manage. It’s easy to miss actual security threats in the thousands of daily automated notifications from applications, hardware, software and devices.
How Managed Detection and Response Services Protect CAD Systems
Our mission is to help your agency stay ahead of these threats, giving you your best chance at keeping your system secure and your data confidential.
With Motorola Solutions’ Managed Detection and Response (MDR) services, we’ve got you covered. Our highly-trained and certified cybersecurity experts within our Security Operations Center (SOC) are dedicated 24/7 to monitoring your PremierOne or Flex system. They can also find and remediate threats to the rest of your IT network, cloud applications and infrastructure, and other endpoints outside of CAD.
Our MDR services are powered by our ActiveEye security platform. Using advanced analytics and automation, ActiveEye ensures that real threats to your system are quickly identified and displayed on a single pane of glass. This gives you constant visibility, so that your operations team is always in the loop. ActiveEye enables your team and our SOC analysts to focus on the most important issues, while filtering out false positives that can distract from actual threats.
The ActiveEye platform also integrates with Endpoint Detection and Response (EDR) tools your agency may already have, like Crowdstrike or VMware Carbon Black. This enables our SOC analysts to look for anomalies that can indicate previously unknown attacks or insider threats to your CAD endpoints. If there is a suspected incident, such as an attacker attempting to breach your existing security controls, this added layer of protection enables security analysts to respond and intervene quickly. By isolating hosts and blocking, allowing or removing files, threats can be remediated faster.
With an annual subscription to our MDR Services, you get access to a team of cybersecurity experts who understand public safety, and work with you to co-manage the protection and security of your systems as well as the surrounding infrastructure. If a legitimate threat is found, you can either perform your own investigations and remediation, or let our SOC analysts do it for you.
Summary
The threats to CAD workstations and servers from cyber attacks like ransomware are real, and they’re not going away, as many agencies and municipalities have learned the hard way in the past few years. The more systems are interconnected, the more features and value they offer agencies and their constituents. However, this can create new threat vectors that cybercriminals and hacktivists are quick to exploit.
Many agencies aren’t sure what their risks are, or are considering deploying cybersecurity solutions like next-generation EDR but struggling to prove ROI from existing solutions. Internal IT and security teams may be overwhelmed with alerts, or find it difficult to hire people who understand what they mean and how to remediate them. Working with a partner like Motorola Solutions that has an experienced, 24/7 team of cybersecurity specialists and consultants who also understand public safety can help you get the most from your investments. It can also free up time for your IT and security teams to focus on other priorities and better carry out their mission.
Learn more about our Managed Detection and Response solutions for Spillman Flex and PremierOne CAD systems, or contact us for more information.