Cybersecurity could be the biggest challenge for FirstNet, next-gen 911
Other times, the problems are created intentionally. High-profile data breaches are all too common, whether the targets are corporations like Sony and Target, a web site like Ashley Madison, or federal government entities like the National Security Agency (NSA) or the Office of Personnel Management (OPM), which had information associated with more than 22 million federal employees compromised for almost a year before detecting the data breach.
Already, hackers are infiltrating government IT systems and holding public-safety data for ransom—and public-safety entities have paid it, because they can’t find another way to recover their critical information. And Chrysler last month recalled 1.4 million vehicles with a software vulnerability that would let a hacker disrupt engine, braking and steering functions remotely.
As if these examples aren’t bad enough, the potential implications are downright frightening. Imagine the havoc a terrorist hacker could wreak by infiltrating the navigation or engine functions on a plane, train or even a drone. A hack into a utility system could result in a lengthy power outage or worse, if a nuclear power plant is involved. In a law-enforcement or judicial situation, a hacker could ruin the chain of custody of key digital evidence that could result in the release of a known criminal.
With these dangers in mind, it is paramount that interconnected smart-grid NG911 and FirstNet systems are developed with the best cybersecurity possible, without making the systems so burdensome that they are rendered unusable by the first-responder personnel they are designed to help.
Given this, it was great to hear FirstNet President TJ Kennedy announce the organization’s plans to unveil its cybersecurity strategy this fall, as well as FCC Chairman Tom Wheeler’s call for the federal government to devote funding and cybersecurity resources to NG911 rollouts. These critical public-safety initiatives need all the cybersecurity help they can get, because they promise to be prime targets for hackers upon deployment.
Of course, what’s disconcerting is that no entities—even those with tremendous resources—seem to be able to secure their IP-based data systems, so there is no clear blueprint to follow to ensure success.
If cybersecurity can be demonstrated in the 911 and FirstNet arenas, it would be a huge step to encouraging public safety’s adoption of the new technological platforms, because the functionality associated with both initiatives should be very compelling. On the other hand, if there are cybersecurity questions and public safety is not confident that its sensitive data will be protected in the next-gen 911 and FirstNet environments, entities will resist adopting, no matter how efficient or interoperable the new systems are.