Protecting the nation's 911 system from cyber threats Present and Future

Research Team Leadership

• CIRI Program Manager: Elaina Buhs, University of Illinois
• KC Program Manager and Cybersecurity Specialist: Karthik Balasubramanian, Karthik Consulting
• KC Project Manager - Critical Infrastructure: Bimal K. Sareen, Karthik Consulting
• Crisis Management and Communications Specialist: Robert Darling, Karthik Consulting
• DHS and 911 Systems Subject Matter Expert (SME): Gerald Jaskulski, Department of Homeland Security

The Homeland Security Challenge
The national Public Safety Answering Point (PSAP) system, also know as the 911 system is an essential part of the critical infrastructure of the United States. This system connects the nation’s first responders to every person, business, and organization. Unfortunately, it is now proven to be cyber-vulnerable to malicious actors both nationally and internationally. Telephone Denial-Of-Service (TDoS) attacks on the 911 system have already occurred. This attack vector came in via wireless networks and channeled via social media and internet sites. These attacks prove that the existing system in vulnerable and the risk is real.

The COE Solution
In collaboration with the PSAP community we intend to use the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) and relevant NIST security controls to conduct a cyber vulnerability and gaps assessment of the PSAP/911 architecture using available documents and interviews with PSAP operators. Based on that analysis we will propose a NIST CSF Profile standard for PSAPs and recommend cybersecurity best practices based on NIST controls specific to Emergency Services. We will tailor the Profile and best practices to match the size/complexity of PSAP systems deployed within the diverse PSAP ecosystem. Both the PSAP Profile and best practices will be published for use by the PSAP community.