Members of the National Emergency Number Association (NENA) know about Public Service Answering Point (PSAP) networks, and are continually growing in their knowledge of PSAP cyber vulnerabilities. That is why CAL-NENA 2020 invited Brian Beckwith, CSEO for Intuitus Corp., to present a breakout session on cybersecurity at their annual meeting that was held March 1-4, in San Diego.

California NENA is a statewide organization holds an annual conference with over 500 attendees. They requested that Brian Beckwith present as an industry expert in cybersecurity for their attendees of 911 service providers. The breakout class titled “Secure Your PSAP from Network and Cyber Security Threats” was well attended and well received.

“We recognize the major threats with the greatest impacts to 911 call centers are different, but not that different, to those of other industries. Threat actors using phishing attacks and social engineering to deploy payloads like ransomware severely impact how PSAPs answer calls and dispatch emergency services,” said Brian Beckwith. “The uniqueness of PSAPs is the impact. If a PSAP can’t take a 911 call or dispatch emergency services, people’s lives are at stake. We feel it is our responsibility to help protect the Public Safety industry. We highly respect and are honored to work with or friends in this space.”

So, what to do about the cyber security risks and vulnerabilities in PSAPs? Brian Beckwith says, “Do the common things like deploy firewalls and endpoint protection, but we know that there are limits to their effectiveness. A Managed Detection and Response service is a good way to add to your protection.” Brian went on to list some things that PSAPs can do that are mostly overlooked.

  • Assume there will be a breach, be consciously paranoid. Don’t freak out, but realize there is a high chance your network will be breached at some point.
  • Have an Incident Response Plan. Determine what you will do if you are affected, then write it down.
  • Exercise your plan. Exercise and walk through the plan with all involved parties.
  • Conduct awareness training. Know how to recognize and prevent cyber attacks.
  • Monitor your network. Know what’s going on in your network (your baseline) so you can identify anomalies.

If your PSAP does not have robust cybersecurity in place or lacks a detailed plan in the event of a cyber incident, Intuitus can help. Simply check out:

The NENA National Conference will be held in Long Beach, CA, June 13-18. Brian Beckwith and other cybersecurity professionals that know PSAP network vulnerabilities will be there. Brian invites anyone who wants to know more about PSAP cybersecurity to stop by the Intrado booth to have a chat.

Jason Newquist is a cybersecurity professional that works with organizations in the Emergency Services sector.