Panelists discuss current ransomware attacks, public safety’s need to coordinate cybersecurity efforts
Given the interconnected nature of public safety, it is important that that cybersecurity is improved at all levels, because hackers will identify and attack “the weakest link” to enter the system, then infiltrate it more completely once inside the system, Hewitt said.
While some urban-area PSAP and public-safety entities may have the financial and technical resources needed to implement the best cybersecurity practices, that is not the case throughout the nation, Simpson said.
“It’s a lot easier [for a hacker] to break into a one-cop shop in a bayou in the middle of Louisiana and get that person’s user name and password, and then use that to go back into the CJIS [Criminal Justice Information System] system and get the data,” Simpson said.
With this in mind, the FCC is advocating the establishment of Security Operations Centers (SOCs) that can support cybersecurity efforts for multiple PSAPs, including many that could not afford to implement the practices on their own, Simpson said.
“Small PSAPs aren’t going to have their own SOC, so I believe we need to develop the concept of a shared Security Operations Center (SOC) that is supporting multiple PSAPs, with the multiple PSAPs coming together and saying, ‘OK, we’ll pay to have a [system operator] running that Security Operations Center,’” he said.
“Maybe it’s at the state level. Maybe, in Texas, you have five of those, because they’re so large. But we need to get Security Operations Centers supporting each of the PSAPs, and that’s where the information sharing is going to happen.”
In a speech delivered at the APCO 2015 show last week, FCC Chairman Tom Wheeler called on Congress to help fund such SOCs and other initiatives associated with the transition to IP-based next-generation 911.
All of the speakers applauded the NIST Cybersecurity Framework and urged all entities to follow those guidelines, including the use of multifactor identification, establishing a “good” operational baseline that is backed up on the system and can be restored as part of the recovery process after a hack occurs.
Drew Morin, senior vice president and CTO at TeleCommunication Systems (TCS), said it is important to educate employees about cyber threats and to explain the enterprise’s strategies to combat them and/or mitigate the risks.
“Fear without knowledge can be stifling,” Morin said. “Knowledge creates awareness, and through awareness, you can create action—and that’s what we’re trying to do here.”