Public Safety Cybersecurity

Reliable public safety communications ensure 24/7/365 access and delivery of emergency and life-saving services. As communications technologies become more and more sophisticated, so do the threat vectors posed by malicious cyber actors with the intent to disrupt public safety communications. "In light of the risks and potential consequences of cyber events, CISA is focused on strengthening the security and resilience of public safety communications.

This page compiles resources developed by CISA for public safety communications practitioners, as well as anyone looking to gain further knowledge about cybersecurity for public safety communications. This page provides resources to public safety practitioners regarding common questions related to public safety cybersecurity.

Not Sure Where to Start?

Public Safety Cybersecurity Overview Resources

• Public Safety Communications and Cyber Resiliency Toolkit
  The toolkit assists public safety agencies and others responsible for communications networks in evaluating current resiliency capabilities, identifying ways to improve resiliency, and developing plans for mitigating the effects of potential resiliency threats.
• Stop Ransomware: Public Safety Emergency Communications Resources
  This website has resources designed to help reduce the risk of ransomware.
• Cyber Resiliency Resources for Public Safety (.pdf, 131KB)
  This document assists agencies in determining their current network cybersecurity and resiliency capabilities and identifying ways to improve their ability to defend against cyber incidents.
• "First 48": What to Expect When a Cyber Incident Occurs (.pdf, 336KB)
  This document informs expectations and provides recommendations on how to proceed after experiencing a cyber incident.
• National Emergency Communications Plan (NECP) Webinars
  NECP webinars are designed to provide the public safety community with practical solutions intended to help organizations improve their emergency communications capabilities through the implementation of the NECP.
  • Stay Flexible and Adaptable: Planning for Emergency Continuity (.pdf, 3.4MB)
    This webinar presentation highlights the importance of continuity across the Emergency Communications Ecosystem and provides participants with resources and best practices for ensuring resilient communications.
  • How Does Your Agency Improve Its Cybersecurity Posture? Implement the NIST Cybersecurity Framework (.pdf, 2MB)
    This webinar presentation identifies actions organizations can take to improve their cyber posture through the implementation of the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
• Transition to Next Generation 911 (NG911)
  This page provides resources and tools to support 911 system operations, security, and NG911 transition.
  • Cyber Risks to NG911 White Paper (.pdf, 1MB)
    Provides an overview of the cyber risks that NG911 systems will face.
  • Two Things Every 911 Center Should Do to Improve Cybersecurity (.pdf, 131KB)
    This document highlights actionable steps that ECCs/PSAPs can take to enhance their cybersecurity posture.

Know What You're Looking For? 

Cybersecurity Resources by Topic

Alerts, Warnings, and Notifications (AWNs)

Public Safety Communications: Ten Keys to Improving Emergency Alerts, Warnings, and Notifications (.pdf, 755KB)
This document, known as the “Ten Keys,” provides organizations with a series of governance, coordination, planning, cybersecurity, and resiliency best practices to help ensure the successful implementation of their emergency AWN systems and programs.

Encryption

The encryption webpage provides best practices and considerations for planning, implementing, and securely operating encryption with public safety communications.

Encryption Resources

Identity, Credential, and Access Management (ICAM)

• Identity, Credential, and Access Management (ICAM)
  ICAM is an important cybersecurity domain that allows agencies to access resources across existing systems and emerging platforms securely.
• ICAM Value Proposition Overview (.pdf, 603KB)
  This document provides a high-level summary of federated ICAM benefits and introduces domain-specific scenarios covered by other documents in the suite.
  • ICAM Value Proposition Scenario: Hurricane Response (.pdf, 554KB)
  • ICAM Value Proposition Scenario: Drug Response (.pdf, 449KB)
  • ICAM Value Proposition Scenario: School Shooting Response (.pdf, 494KB)
  • ICAM Value Proposition Scenario: Bombing Response (.pdf, 442KB)

Land Mobile Radio (LMR)

Cyber Risks to Land Mobile Radio - First Edition (.pdf, 1.32MB) 
This document provides an overview of LMR systems, explores various forms of cyber risks to public safety communications, and identifies methods and resources to help secure these systems.

Next Generation 911 (NG911)

• PSAP Ransomware Poster (.pdf, 196KB)
  The poster provides information about what ECC staff can do to reduce the risk of ransomware.  To request an agency or state-specific poster, please follow the directions on the PSAP Ransomware Fact Sheet (.pdf, 192KB).
• Transition to Next Generation 911 (NG911)
  This webpage provides resources and tools to support 911 system operations, security, and NG911 transition.
• The Cyber Incident Response Case Studies for ECCs/PSAPs Suite highlights best practices from ECCs and PSAPs responding to real-world cyber incidents. The documents provide actionable tips to help ECCs and PSAPs prepare for and respond to cyber incidents.
  • Malware Attacks: Lessons Learned from an ECC (.pdf, 287KB)
  • Telephony Denial of Service (TDoS) Attacks: Lessons Learned from a PSAP (.pdf, 257KB)
  • Cyber Incident Response to PSAPs: A State’s Perspective (.pdf, 260KB)
• Two Things Every 911 Center Should Do to Improve Cybersecurity (.pdf, 131KB)
  This document highlights actionable steps that ECCs/PSAPs can take to enhance their cybersecurity posture.
• Cybers Risk to NG911 White Paper (.pdf, 1MB)
  This white paper provides an overview of the cyber risks that NG911 systems will face.

Radio Frequency (RF) Interference

Radio Frequency Interference Best Practices Guidebook (.pdf, 1.61MB)
Public safety agencies from government and non-government organizations alike can leverage this guidebook and familiarize themselves with recognizing, reporting, and mitigating RF interference.

Tools and Technical Assistance

• Interoperable Communications Technical Assistance Program (ICTAP)
  ICTAP provides all 56 states and territories on-site technical assistance services at no cost. 
• Cyber Security Evaluation Tool (CSET) Fact Sheet for Public Safety (.pdf, 424.59 KB)
  This fact sheet provides an overview of CSET®, a free stand-alone desktop application that systematically guides asset owners and operators through evaluating operational and information technology.
• Cyber Security Evaluation Tool (CSET) Demonstration for Public Safety
  This is a 90-minute Cybersecurity and Infrastructure Security Agency (CISA) webinar for public safety organizations that demonstrates the Cyber Security Evaluation Tool (CSET®) and its specific application for emergency communications practitioners.

Need Cybersecurity Best Practices for Your Cybersecurity Organization?

Best Practices Documents for Public Safety Organizations

• Public Safety Communications and Cyber Resiliency Toolkit
  Assists public safety agencies and others responsible for communications networks in evaluating current resiliency capabilities, identifying ways to improve resiliency, and developing plans for mitigating the effects of potential resiliency threats.
• Reduce ECC Cyber Incidents Through Segmentation (.pdf, 519KB)
  This fact sheet provides an overview of the high-level benefits and recommendations for properly segmenting critical systems within an Emergency Communications Center.
• Two Things Every 911 Center Should Do to Improve Cybersecurity (.pdf, 131KB)
  This document highlights actionable steps that ECCs/PSAPs can take to enhance their cybersecurity posture.
• "First 48": What to Expect When a Cyber Incident Occurs (.pdf, 336KB)
  This document informs expectations and provides recommendations on how to proceed after experiencing a cyber incident.
• How Does Your Agency Improve Its Cybersecurity Posture? Implement the NIST Cybersecurity Framework (.pdf, 2MB)
  This NECP webinar presentation identifies actions organizations can take to improve their cyber posture through the implementation of the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
• Cyber Essentials
  A guide for leaders of small businesses as well as leaders of small and local government agencies to develop an actionable understanding of where to start implementing organizational cybersecurity practices.
  • Chapter 1: Yourself, The Leader - Drive Cybersecurity Strategy, Investment, and Culture (.pdf, 333.35KB)
    This chapter focuses on providing leaders with an understanding of what it takes from the top to drive a culture of cyber readiness within their organizations.
  • Chapter 2: Your Staff - Develop Security Awareness and Vigilance (.pdf, 306.42KB)
    This chapter focuses on an organizational approach to cybersecurity by educating employees and providing training resources that encourage cyber awareness and vigilance.
  • Chapter 3: Your Systems - Protect Critical Assets and Applications (.pdf, 278.9KB)
    This chapter focuses on an organizational approach to cybersecurity by securing network assets and information.
  • Chapter 4: Your Surroundings - The Digital Workplace (.pdf, 401.63KB)
    This chapter focuses on an organizational approach to cybersecurity by ensuring only those who belong on your digital workplace have access.
  • Chapter 5: Your Data - Make Backups and Avoid the Loss of Information Critical to Operations (.pdf, 387.73KB)
    This chapter focuses on providing leaders with an understanding of what it takes to ensure their organization’s data is secure and recoverable.
  • Chapter 6: Your Crisis Response - Limit Damage and Quicken Restoration of Normal Operations (.pdf, 339.6KB)
    This chapter focuses on responding to and recovering from a cyber attack.

Need Resources for Response and Recovery?

Tangible Guidance on Securing Your Hardware or Software

• Cyber Risks to Public Safety: Ransomware Guide (.pdf, 380KB)
  This guide provides an overview of how ransomware attacks function, the potential impact on emergency response operations, common cybersecurity vulnerabilities, and best practices to help secure public safety networks.
• Cyber Risks to 911: TDoS (.pdf, 308KB)
  This fact sheet familiarizes public safety communications partners with TDoS threats to 911.
• "First 48": What to Expect When a Cyber Incident Occurs (.pdf, 336KB)
  This document informs expectations and provides recommendations on how to proceed after experiencing a cyber incident.
• Addressing the Ransomware Threat to Emergency Communications (.pdf, 6.8MB)
  This webinar presentation highlights the risk ransomware attacks pose to emergency communications and actions within the National Emergency Communications Plan that organizations can take to protect against, respond to, and recover from this threat.

Curious About Various Cyberattack Vectors Against Public Safety?

Documents Regarding Specific Attack Vectors

• Cyber Risks to Public Safety: Ransomware Guide (.pdf, 380KB)
  This guide provides an overview of how ransomware attacks function, the potential impact on emergency response operations, common cybersecurity vulnerabilities, and best practices to help secure public safety networks.
• Cyber Risks to 911: TDoS (.pdf, 308KB)
  This fact sheet familiarizes public safety communications partners with TDoS threats to 911.
• PSAP Ransomware Poster (.pdf, 196KB)
  The poster provides information about what ECC staff can do to reduce the risk of ransomware. To request an agency or state-specific poster, please follow the directions on the PSAP Ransomware Fact Sheet (.pdf, 192KB).
• Addressing the Ransomware Threat to Emergency Communications (.pdf, 6.8MB)
  This webinar presentation highlights the risk ransomware attacks pose to emergency communications and actions within the National Emergency Communications Plan that organizations can take to protect against, respond to, and recover from this threat.

Do You Want to Reduce Risk?

Resources to Help You Identify and Mitigate Risk to Your Systems and Networks

• Guide to Getting Started with a Cyber Risk Assessment (.pdf, 441KB)
  This document describes commonly-practiced risk assessment steps and customizable reference tables for organizations to identify and document personnel and resources involved with each step of the assessment.
• Cyber Incident & Vulnerability Playbooks (.pdf, 1.1MB)
  The playbooks provide federal civilian agencies with operational procedures for planning and conducting cybersecurity incident and vulnerability response activities.

Additional Resources

Cyber-Focused Public Safety Practitioners

• Considerations for Public Safety Cloud Computing Adoption (.pdf, 432.44 KB)
  Consisting of example consideration questions, this document guides public safety practitioners through adoption of cloud technology.  
• Cyber Resiliency Resources for Public Safety (.pdf, 131KB)
  Assists agencies in determining their current network cybersecurity and resiliency capabilities and identifying ways to improve their ability to defend against cyber incidents.

General Public Safety Practitioners

• Federal Partnership for Interoperable Communications (FPIC)
  The FPIC develops products to address topics and questions concerning interoperable communications, security services, spectrum (related to interoperability), and standards.
• National Emergency Communications Plan (NECP)
  The NECP is the Nation’s strategic plan to strengthen and enhance emergency communications capabilities.
• Stop Ransomware: Public Safety Emergency Communications Resources
  This website has resources designed to help reduce the risk of ransomware.
• SAFECOM Technology 
  This webpage has resources that provide examples of the technology currently used in the public safety environment.
• Transition to Next Generation 911 (NG911)
  This webpage provides resources and tools to support 911 system operations, security, and NG911 transition.