Urgent Communications

Security


The critical mission

A basic primer for protecting mission-critical communications networks from cyber attacks.
  • Written by Urgent Communications Administrator
  • 1st June 2012

This is the second article in a multipart series on how to protect mission-critical communications systems from cyber attacks. The first article discussed how the public-safety world is migrating from self-contained communication systems to IP-enabled connected networks.

It also reviewed the results from a survey that we recently conducted to determine the awareness level regarding cybersecurity threats, as well as the impact of various economic factors on the ability of entities to address such threats. Finally, the article examined the increasing number of security breaches being suffered by public-safety and mission-critical communications systems and networks.

Now we will look at a holistic approach to cybersecurity, with an emphasis on developing a foundation for protecting vital communications networks.

Lurking around every corner are opportunities to inflict malicious activity on your critical communications systems. This activity often appears first as a seemingly harmless action, such as an unexpected e-mail or unusual network behavior.

Malicious activity can be introduced from:

  • Internet access (anywhere on the network)
  • USB ports
  • CDs
  • E-mail
  • Wireless systems (e.g., WLAN and LMR)

And may result in:

  • Denial-of-service attacks
  • Hacking (stealing or altering data)
  • Jamming signals

Leading to potential consequences such as:

  • Slowing your ability to provide service
  • Halting your ability to communicate
  • Personal information made public
  • Safety of responders or public endangered

A security plan, supported with policies and procedures, provides a methodology to assess, address and mitigate risks. Without a sound security structure in place, you are open to malicious activity that can invade your network, steal your data and deny service to your users. In an enterprise or business network, these harmful attacks can result in a major inconvenience; in public-safety and mission-critical industries — for example, power utilities and transportation departments — they literally can impact life-or-death situations.

Effective security results from the culmination of a holistic, organized plan. Without a solid methodology, the security effort disintegrates into isolated pockets of disconnected processes. Securing each vulnerable element of your communications network requires a cohesive plan, and a process that fits within your organization’s overall security posture.

In order to develop a plan that aligns with your organization’s systems and priorities, we recommend that you first conduct a vulnerability assessment, which is an affordable way to baseline your systems and processes and identify where cybersecurity gaps exist. Depending on the level of expertise possessed by your organization’s IT staff, they may be able to conduct this assessment. However, you may need to engage a third-party cybersecurity expert — ideally one that is familiar with public-safety and mission-critical networks and systems.

Consistent with our recommendation that security be approached holistically across all the interconnected networks and applications, the preferred approach to the vulnerability assessment would be one that includes all of the elements in an end-to-end network. However, if budget or other priorities dictate, a vulnerability assessment of individual subsystems or elements is better than none at all. As budget permits, or as your system configurations change and grow, you can conduct vulnerability assessments on other system elements, ultimately building a more complete picture.

In planning for a vulnerability assessment, don’t overlook networks (particularly connectivity) that may be under the oversight of others, but provide you with capacity or service on a shared basis. Our survey indicated that 35% of respondents use a shared IP network to connect their radio systems, and another 15% are planning to use other types of shared facilities, such as leased fiber or microwave for backhaul.

Sharing a network can introduce additional risks and these situations should be considered in the vulnerability assessment. As with any scenario, as long as the vulnerabilities are identified and the risks are known, a security strategy can be fashioned that addresses these risks.

Once the vulnerability assessment is completed, the results should be documented in a written report that explains the findings and identifies both the vulnerabilities and risks associated with each. These findings then can be reviewed and discussed by your agency, and used to establish goals and a strategy that align with your organization’s overall security priorities, practices and budget.

Based on this understanding of the cybersecurity vulnerabilities of your networks and systems, and having identified priorities for addressing them, you now can develop a security plan that truly meets your agency’s needs.

Such a plan should express the organization’s desired security posture and provide the authority to intervene when a practice is contrary to the plan. It is intended to provide the overarching vision and strategy necessary to realize the goals, objectives and intentions regarding cybersecurity throughout the operating environment.

A security plan is a living document, and as such should be reviewed at least on an annual basis. It exists to ensure that the organization’s vision and strategies in this regard are sound and will remain applicable in an environment that constantly is changing.

The primary purpose of a security plan is to:

  • Identify the objectives
  • Communicate, promote and increase awareness of security across the organization
  • Identify the standards and frameworks applicable by law, regulation and mandate
  • Identify the policies necessary to implement and enforce the plan

A security plan also should guide the process of purchasing needed equipment and services. Indeed, all hardware and software, as well as any entities that enter the network, should be aligned with your security plan in order to maintain a safe environment. Moreover, any successful plan expands to include the security risks born of future additions to the operating environment.

Meanwhile, security policies provide direction to employees, supervisors, vendors and other entities that interact with the operating environment. Such policies should be consistent with the unique operational requirements, i.e., laws, regulations and mandates, as established in the security plan. In addition, policies provide specific direction concerning the proper authorization and authentication for accessing the network. They also address the physical aspects of the environment, specifically their impacts on cybersecurity.

Basic policy parameters to consider are:

  • Acceptable use
  • Access control
  • Network security
  • Physical security
  • Data classification
  • Change management
  • Security training and awareness
  • Security review and audit

To ensure that your security plan and policies are being applied appropriately across all functions, security procedures are put in place that provide specific direction regarding accepted practices within the operating environment.

Specifically, such procedures provide step-by-step actions for implementing policies and further explain the look and feel of the operating environment. This may be accomplished by detailing the sequence of actions or by defining specific instructions for completing tasks. This series of steps is to be followed each time a task is performed, which ensures that the operating environment remains consistent, outcomes are pre-determined and mishaps quickly are identified.

Typical procedures include:

  • Baseline configurations
  • Performing maintenance
  • Applying system changes
  • Granting access to systems and facilities
  • Composing passwords

Procedures provide the knowledge of exactly what to do, and how the task should be performed. When everybody is following the same procedure, the environment remains uniform. This makes troubleshooting and error-correction much easier, because unusual activity or information that does not meet the standard requirements is much more noticeable.

Of course, all of this is for naught if the defined policies simply sit on the shelf and the associated procedures aren’t followed. Your security plan, policies and procedures must be proactive in order to produce the expected results. To ensure compliance, it is necessary to train employees so that they understand what is expected of them. It also is necessary to monitor the actions within the operating environment in order to determine whether the behavior of employees, systems, services and other entities that may interact with the operating environment is secure.

Each employee accessing or using various elements or applications of your critical communications network should receive security training upon being hired. A new employee should understand the security practices in the organization and become well versed in what is acceptable, what is not acceptable and actions to take when a situation appears to conflict with the security posture of the organization.

To reinforce initial training, additional training should be conducted annually. This is a good opportunity to discuss changes to security processes and reinforce the overall environmental flow. It also is advisable to conduct short training sessions as needed to provide awareness of current or emerging threats, and guidance on how to recognize and mitigate them in an appropriate manner.

Next, in order to validate that the organization’s plan, policies and procedures are providing the expected outcome, the environment must be monitored. Monitoring requires myriad actions, including automated and manual review of logs, physical inspections and reporting. The first steps are to:

  • Enable logging
  • Routinely review logs
  • Retain logs to establish trends, identify malicious activity and investigate events
  • Report the state of the environment
  • Proactively mitigate threats as they occur

A scheduled routine should be established to monitor and respond to events and anomalies. Irregularities may indicate malicious activity, deviations from policy and procedures, or simply flaws in logging mechanisms. Other best practices include the following:

Anti-virus protection: The software used to conduct business should be kept free of viruses and other malicious programs. Our survey indicates that 65% of the respondents employ anti-virus software as a safeguard. If you are among the 15% who do not utilize anti-virus or the 20% who are not certain, it is recommended that you install and maintain the latest version of anti-virus software on every device capable of supporting the application.

Third-party hardware and services: Your organization should obtain contractual assurance that all devices and applications maintained by third parties, such as routers and databases, are monitored and maintained in the same fashion as organization-owned equipment.

Incident response plan: One should be developed to provide appropriate response, procedures and guidelines when suspicious events occur.

So far, our series has touched on the need to address cybersecurity and to create a holistic approach to understanding your vulnerabilities and establishing the key elements of a security plan. Our final article will examine the common pitfalls and misunderstandings regarding the security of today’s mission-critical communications environment.

Ed.: The authors invite you to ask specific questions about cybersecurity as it relates to public-safety and mission-critical networks. The questions will be addressed in the final article of the series. E-mail your questions to [email protected].

J. Kevin McGeary is a senior consultant in L.R. Kimball’s radio and wireless group with more than 35 years of experience in public-safety communications.

Lori J. Kleckner, PMP, CISSP is a cybersecurity consultant for L.R. Kimball with extensive experience in collaborating with agencies at the local, state and national levels.
