FirstNet must balance transparency, security goals during upcoming talks with state, public-safety officials

If all goes well, FirstNet will conclude its massive request for proposals (RFP) process by revealing its contractor partner in less than four months, according to the organization’s RFP schedule. While that announcement certainly will be a significant milestone, it will only mark the beginning of a new phase for FirstNet, which then has deliver the nationwide public-safety broadband network that first-responder officials have anticipated for so long.

Barring complications that could be introduced by potential protests of the FirstNet procurement process, the next step for FirstNet will be to work with its contractor partner to develop a deployment plan for all 56 of the states and territories.

While the final version of these state plans are scheduled to be released simultaneously to all governors  within 6 months of the contractor signing the 25-year deal with FirstNet, officials for FirstNet have been outspoken that nothing in the final state plan will surprise the governor, or at least key members of the governor’s staff.

To achieve this goal, representatives of FirstNet and the contractor will meet with each state’s single point of contact (SPOC) and a group of selected state officials to review the draft deployment plan for the jurisdiction. Inputs from this review process can be included in the final state plan that is delivered to the governor around May 1 of next year, if everything proceeds as scheduled.

On the surface, this draft-review process sounds pretty straightforward—and, hopefully, it will be. But the potential for complications certainly exists, and FirstNet officials will need to make some key policy decisions that could impact public safety’s adoption of the system, particularly during the early years of operation.

FirstNet already has taken significant strides in one area: managing expectations within states and territories about the flexibility in each deployment plan. Remember, FirstNet and the contractor will have signed a contract based on the contractor’s deployment proposal that was submitted by May 31 as part of the RFP process. States and territories seeking a wholesale overhaul the draft-plan proposal likely will be disappointed, because that could undermine the contractor’s business plan.

However, state officials will have a chance to provide input about the draft plan and propose some changes based on factors that FirstNet and contractor may not have considered before.

What will be interesting to watch is how this draft-review is conducted and how information is shared, both at this stage and after FirstNet delivers its final state plan to each governor.

That’s because FirstNet will be a public-safety network that will transport highly sensitive information every day. As such, it is expected to be a prime target for physical and cyber-based attacks. Nothing can be done about FirstNet’s target status, but the last thing anyone wants is to have the FirstNet system’s inner workings detailed on the Internet, making it significantly easier for potential attackers to identify vulnerabilities.

In other words, FirstNet is faced with an age-old conundrum: transparency and security goals historically have not been easily compatible. While FirstNet officials likely want to spread the word about its plans to build a highly secure, reliable network for public safety, exposing too many details to the public could compromise both security and reliability.