In 2018 Waukesha and Milwaukee County will be fully migrating to a joint P25 mission-critical, digital, radio system for first responders and dispatch personnel. The IP-based system has so many benefits over our previous analog systems not the least of which is our ability to talk across two counties and easily coordinate responses and investigations with multiple agencies. But this sophisticated technology, like all IP based technology, is vulnerable to cyber attacks from unauthorized users, looking to take down the system or hold the system ransom for money.
As we built the new radio system we realized we needed to take a look at our cyber security protocols and make sure we have the appropriate support in place to protect the system against potential impacts from cyber threats such as malware, phishing malicious code, botnets and unauthorized users. Routine software updates and patching is one of the best ways to protect a system. In fact, according to the Department of Homeland Security Cyber Emergency Unit, at least 85% of attacks can be prevented by routinely applying security patches.
To protect the system from cyber threats we use a security update service to manage the complexity. System managers review all available software patches, determine if they are necessary and then test them in their lab to make sure there will be no adverse effects on our system when the patches are implemented. When the upgrades are pushed out into the production environment, they are implemented systematically following a rigid set of protocols to make sure there are no unprotected areas of the system and the users are not impacted. This is beneficial because we have a highly available system, relied on by field and dispatch 24×7, and we need to minimize any downtime. It also controls the number of people who are touching the system and possibly opening the system up to outside intrusions.
Just knowing that there are individuals out there that are dedicated to watching the system, have a baseline for what normal traffic is, and can see when the spikes occur that require action definitely allows me, as an administrator of the system, to relax a little bit and focus on the things I need to focus on which is our people and future enhancements.
My advice to other system administrators is to make sure you know what your cyber security protocols are and make sure it’s being done effectively because you do not want to be impacted by a downtime event. Today’s IP systems are much different than the old-school, siloed analog systems; everything is interconnected and vulnerable now. So, it is important to make sure that patches are being done by the people who are specifically designed to support that system.
I invite you to watch a newly released Waukesha County Communications operations video and hear from our people how we are keeping our system and our community safe and secure.
To learn more about the importance of cybersecurity and patching please attend Motorola Solutions’ Troy Mattern, VP of Cybersecurity Products and Services during APCO Cybersecurity Speaking Session: “Welcome to the ‘No FUD’ Zone” on August 6 at 4:30 PM – 5:30 PM.