As technology continues to reshape and redefine public safety, an area that’s seen perhaps the biggest change is the public safety answering point (PSAP). With more than 6,000 dispatch points across the United States alone, these centers are a focal point to the public safety mission.
However, over the last three years, PSAPs have been hit by more than 40 major cyberattacks. These incidents rerouted calls away from dispatchers, putting PSAPs and the public at risk.
Additionally, recent attacks in Las Vegas, New Orleans, and even cities as small as Florida’s Pensacola have led to states of emergency and panic among city employees. To defend against attacks, PSAPs must adopt protective measures and leverage industry resources to boost their cybersecurity efforts.
Let’s look at three key steps your PSAP can take to stay on the offensive:
1. Evaluate your IT resources
Start by evaluating your current IT situation. Does your agency have a dedicated, full-time IT staff or do you perform your own IT maintenance? When it comes to preventing cyberattacks, it’s crucial to invest in security experts who can anticipate these attacks and plan accordingly. Without this investment, PSAPs are vulnerable to attacks they can’t anticipate.
Cloud-based solutions are an option for PSAPs unable to devote budget to full-time security experts. They securely host the applications and data dispatch centers/emergency response departments depend on.
2. Implement a cybersecurity policy
Any PSAP without a clearly defined cybersecurity policy is putting itself and the public at risk. Every organization operates differently with policies varying from center to center, but the steps to develop these policies are the same across the board:
- Begin by consulting the resources, training, and assistance offered by leading public safety groups, such as the National Emergency Number Association (NENA) or the Association of Public Safety Communications Officials (APCO).
- Once you’ve laid the groundwork of your plan, visit the International Organization for Standardization (ISO) to review their general framework for PSAPs and resilient operations.
- Additionally, hire a security firm to audit your agency’s systems and make recommendations about which policies and procedures to implement.
Once your PSAP’s cybersecurity policy is in place, conduct routine training to keep dispatchers and call-takers informed on how to recognize and stop cyber threats. Entrust team leaders to not only reinforce ideas on prevention and security, but also adjust procedures when needed to adapt to an ever-changing digital world.
3. Invest in the right vendors
When your PSAP is considering bids with a vendor, make sure to ask what the product will do to help protect against cyberattacks. Too often, vendors will make a pitch to agencies without detailing whether their products carry a standards-based process for securing software.
Hacks and data breaches have become a fact of life in today’s digital world, so it’s imperative for leaders to proactively protect PSAPs and the public from cybersecurity threats.
To learn more about boosting PSAP cybersecurity, check out the Public Safety Now podcast Under Attack: Approaches to Cybersecurity for Public Safety.