The cyber paradigm and public safety – are we truly prepared?
In this age of open data, converged networks, WiFi domains and the Internet of Things (IoT), formulating a strategy to integrate relevant domains for public safety can be a daunting task. With all the buzz words and techno-speak that assaults us daily, one needs a PhD in Geek to even interpret what it all means. For those in the operations seats, all of this technology lingo only confuses further, making command authorities ask, “Why do I even care? Does it make my job easier?”, with the often-found statement of “My agency is already up to speed and ready” being made. Command staff have very technical resources who take care of the tech stuff, so why should they be bothered with “down the road” stuff that “doesn’t apply to my operations”?
Why? Because you are already in this domain, you and your staff may just not know it yet. If you carry a smart phone, you operate in this domain. If you use a radio, you are working in a data domain. We all live in a world that is completely data-powered, relying on technology to function at work and at home. We are technology slaves, unable to perform even the most basic tasks when we lose cellular service, internet connectivity or our in-flight WiFi drops (my current situation as I draft this).
Is this an avoidable status quo, or one we have yet to fully digest and admit to for fear of being perceived as “held hostage by a potential hacker”? The day we picked up the smart phone and began relying on wireless broadband networks is the day we all became vulnerable, at the mercy of a bad actor with basic hacking skills, and sadly we fail to recognize this reality. It’s not a bad thing that we have embraced technology, nor should we feel it something to pretend we can do without; what is not good is pretending that our legacy systems and backup measures are viable means of resiliency.
Folks, those systems are even more exposed than the smart phone in my hand right now, as they were never designed to handle data in its most basic form, much less in the capacity of a public safety operation. Even the most technically hardened and savvy agencies will attest to the ongoing battle it is managing in this data-driven world we are in. Yet not every agency has the resources at hand to put in basic countermeasures that will protect basic operations, prevent a bad actor from taking down a 9-1-1 system or even the admin phone system. Does it take a genius to establish an effective resiliency strategy, a series of safeguards and best practices that will mitigate threats and minimize impact? Not at all, as just as much as we all rely on our own technology choices, we also have an often untapped inherent understanding of how these systems really work.
The first step in developing a strategy - admit that one is not only necessary, but critical path. It is a “must have” not a “nice to have.” Public safety professionals cannot be putting their lives on the line to protect us if they are not protected doing their jobs; letting any first responder respond to a call without a secure and protected means to communicate is unacceptable in today’s day and age. While no solution will ever be perfect, ensuring that someone does not lose their life because a 14-year-old in a basement with an axe to grind against society decides to take on a city’s telephone network is not only preventable, but must be a top priority when developing a resiliency strategy. We rely on technology that is a weapon in the wrong hands, and an even more powerful one in the right hands; just as we must admit we are not impenetrable, we must also be willing to ask for help in formulating that strategy.
The first and hardest step is always admitting we are powerless over certain things in life and knowing that we never have to take on a difficult challenge alone. Knowing that there are firms out there who can help, and that they are not always the places you’ve entrusted in the past is key, as whereas we are all operating in this cyber world, the names in our virtual Rolodex should have changed.
Know that to beat the hacker, one must understand their world, what makes them tick, the tools of their trade and the signature they leave as they spin their web. No different than public safety professionals taking it to the criminal, firms rooted in cyber expertise do the same to cyber criminals.
It is ok to ask for help, to admit that we don’t have all the answers and need experts to advise us who know this cyber domain, as public safety is just beginning to touch the surface of what threats are out there. What is not ok is being unprepared, knowing there is a problem that will negatively impact lives, and not asking for help to remedy the situation. We know too much as individuals about the power of technology to not embrace it and trust in what it can do; formulating the strategy on how to use these tools to protect, serve and save, that’s the most critical step we must all take. If you have not taken that first step, don’t be afraid to, as not taking the step is the only thing standing between you and progress.