Research to help 911 call centers assess, mitigate, and manage cyber risk

9/9/2021 9:40:24 AM CIRI Communications

When someone dials 9-1-1, they need to be connected with a professional who will be able to quickly send them help in the form of EMTs, firefighters, or police officers. Cyberattacks on 9-1-1 call centers have already occurred.  As these emergency call centers get next-generation technology updates, there are increasing concerns about the potential for cybersecurity attacks on this network.Research to help 911 call centers assess, mitigate, and manage cyber risk


Researchers in the Critical Infrastructure Resilience Institute (CIRI), led by the University of Illinois Urbana-Champaign, recently analyzed the current state of 911 centers, also known as public safetyanswering points (PSAP), and have developed a profile based on the NIST Cyber Security Framework that will help PSAPs better assess, mitigate, and manage their cyber risk. The goal is to identify best practices and offer the nation’s approximately 7,000 PSAPs a standardized plan and tools for enhancing their cybersecurity posture and their organizational and operational cybersecurity maturity.


The work is funded through DHS Science &Technology’s Office of University Programs (OUP) in support of the DHS Cybersecurity and Infrastructure Security Agency’s (CISA) Emergency Communications Division.


“We are continuing to improve the cyber security of the nation’s critical emergency communications infrastructure,” said Billy Bob Brown, Jr., CISA’s Executive Assistant Director for Emergency Communications. “Improved cybersecurity process and techniques are critical to defending public safety communications systems.” 


Addressing the potential cybersecurity risks to these emergency centers is crucial to their continued operation. A hack to the system could take down the emergency network altogether or send false information to the public or to emergency responders. While an attack affecting the 911 call center system could be devastating, the cybersecurity profile developed by the CIRI team would also need to cover the internal IT system of the call center operator to prevent disruptions to one system impacting the other.


While it’s incredibly important, analyzing the cybersecurity risks of each individual PSAP is expensive and challenging. Rather than look at each PSAP on its own, the group organized them by the type of technology they currently use. All PSAPs can be placed on a spectrum from legacy to next-generation 911 (NG911) systems. Legacy systems refer to an old style of telephone system that many people likely think of when they picture an emergency call center. On the other end of the spectrum are NG911 centers, which are working to integrate text, video and other capabilities into emergency communications. While transitioning to NG911 is a goal, currently few, if any, PSAPs around the country that have completely reached this milestone.


“The goal was to look at the current security posture of the PSAPs to see what the big issues are at the macro level, architecturally, etc.,” said Karthik Balasubramanian, principal investigator and president of Karthik Consulting. “We needed to determine if there was a common pattern of risks across different PSAPs which would allow us to create a plan to help them with cybersecurity.”


Despite the various levels of technology in each center, Balasubramanian said there was always interest in getting involved with the program.


“Every PSAP leaned forward and wanted to be involved,” said Balasubramanian. “During our initial interaction we asked for documentation. Some PSAPs had some of it, some had none of it, but raised their hand anyway and wanted to participate. They wanted to engage but needed help, which is where we came in.”


Using the data points gathered from all the PSAPs interviewed last year, the researchers were able to conduct a macro assessment and create a variety of PSAP profiles. PSAPs across the country, including those who weren’t involved in the first step of research collection, will be able to access the PSAP Profile documents for use as a guide to improve their cybersecurity postures.  The PSAP Profile will also be integrated into the DHS/CIRI-developed Cyber Secure Dashboard software-as-a-service offering which can ease, accelerate, and reduce the cost of conformance to the profile.


Future plans for the work may include developing a services package that could be offered to assist PSAPs in conducting an initial cybersecurity assessment and creating a detailed action plan to achieve their target cybersecurity posture.


“Our COEs are made up of some the of the Nation’s most brilliant minds in the field of homeland security,” said OUP Director, Rebecca Medina. “It is exciting to see our academic partners in CIRI help our colleagues in CISA support the overall DHS mission of securing the homeland as well as the critical impact it will have on saving the lives of our citizens.”