The number of cyberattacks is growing exponentially every year, with the increase in mobile applications, social media platforms, and other technologies serving as the catalyst. This trend can be seen across all sectors, but one of particular concern is public safety. The growing number of cyberattacks on agencies is a dangerous trend with real implications for not only the protection of citizens’ privacy but the safeguarding of critical infrastructure.
For public safety agencies to prepare for cyberattacks, it’s important to understand the types of attacks and their far-reaching impacts. Until the last few years, the main threat has been that of cybercriminals stealing personal information. These attacks put an agency’s sensitive data, such as criminal records at a police station, at risk. While this is still a prominent threat, it is no longer the only one. Cyberhacktivism is an emerging trend that isn’t necessarily carried out to steal information, but rather pushing a political agenda through a cyberattack. Unfortunately, police, security, and other critical service organizations often find themselves as the target of these stunts.
Cyberterrorism and cyberwarfare are also rising in importance, as their impact goes beyond compromising sensitive data to crippling a community or even an entire region. For example, if critical infrastructure, such as a utility, is targeted, it could force them to shut down their grid. Agencies must be prepared to face the reality of having no access to systems but still needing to dispatch resources in response to the physical impact of the cyberattack, as well as everyday needs like medical emergencies. Lastly, an often-overlooked area is the impact of physical security on cyber threats. Ill-trained employees or unauthorized intruders can wreak havoc on an agency’s network with a wayward flash drive or a litany of other potential breaches.
By understanding each of the bad actors, agencies can better prepare for, and prevent, cyberattacks from happening. Thankfully, there are a few basic steps every public safety agency can take.
To start, every agency needs a clearly defined cybersecurity policy that involves regular risk assessments. Smaller agencies that don’t know where to start can lean on many publicly available resources, such as the U.S. Department of Justice’s Cybersecurity Unit, which provides valuable cybersecurity best practices for law enforcement. Industry groups can also provide valuable resources, training, and assistance, such as the International Association of Chiefs of Police’s Cyber Center.
Furthermore, each municipality’s and jurisdiction’s public safety processes vary, so emergency departments should also contract a cybersecurity consultant to audit the agencies’ systems and emergency management plans to make recommendations for responding to each type of potential security threat, if possible. Unfortunately, it’s common for public safety agencies to have limited resources, so they must perform their own due diligence. Many still work with vulnerable legacy software housed on outdated servers, so that task could seem daunting at first. But there have been many technological developments, particularly with respect to “the cloud,” that significantly reduce the cost and complexity.
Modern cloud solutions are very capable of securely storing the applications and data needed for emergency response departments. Experienced cloud providers adhere to the FBI’s Criminal Justice Information Services Division (CJIS) compliance standards to ensure the best security measures are in place.
What’s more, cloud solutions can facilitate inter-agency collaboration by treating data access on a “need to know” or, more specifically, “need to use” basis. Entities sharing data take ownership of what is shared from their source systems, such as constraint-based sharing rules defined at both the “edge” (the source system on-site) and the application level to ensure that the data is properly filtered and anonymized. This multi-agent, constraint-based approach provides multiple levels of security to help mitigate potential issues and also ensures compliance with privacy standards (e.g., GDPR).
Of course, while much progress has been made in cybersecurity on the technological front, the weakest link in any system is always the human element. As previously mentioned, ill-trained employees and unauthorized intruders pose a serious threat. Providing adequate training to administrators of the agencies’ data and any other entities providing digital information to that agency is a must. Every employee needs to learn how to recognize and stop cyber threats just as they would recognize dangers in the field. There must also be checks and balances for data access like Two-Factor Authorization, thereby eliminating the single points of failure that have crippled some public safety agencies in recent years. The saying “an ounce of prevention is worth a pound of cure” very much applies here.
Building a cyber-secure culture will not happen overnight. Team leaders need to understand the types of potential cyber threats and evolve their policies and practices to fit the ever-changing digital world. The need to collaborate and communicate must also be emphasized in order to keep the agency in a proactive, not reactive, mindset. Fortunately, by leveraging new technologies, industry resources, and training, first responders can give the public peace of mind that its digital safety is just as well-protected.