The Tennessee Emergency Communications Board (TECB) provides management and operations support to Tennessee’s 100 emergency communications districts (ECDs), which in turn provide emergency communications services to the state’s citizens and visitors via 119 primary and 24 secondary or backup emergency communications centers (ECCs).
The TECB is transitioning to a statewide emergency services Internet Protocol (IP) network (ESInet) to optimize for an NG911 environment. Like any IP network, an ESInet is inherently vulnerable to cybersecurity attacks. Tennessee needed to make sure it was prepared.
Public safety and emergency response networks and systems increasingly are falling victim to cyberattacks, especially ransomware.
TECB hired MCP to conduct baseline vulnerability assessments of the communications networks and systems at emergency communications districts (ECDs) across Tennessee.
Each ECD will receive a comprehensive report that identifies and prioritizes its vulnerabilities and presents recommendations for mitigating them.
Cyberattacks, such as denial of service (DoDs), distributed denial of service (DDoDs), and, more recently, ransomware attacks can disrupt public safety communications networks and systems, and even shut down critical 911 operations. To prevent this, the TECB engaged with MCP to develop a baseline physical security and cybersecurity assessment of Tennessee’s 911 environment.
“Being proactive in evaluating the cybersecurity of our PSAPs is a critical component in implementing risk-prevention measures throughout the state,” says Curtis Sutton, the TECB’s executive director.
MCP used a three-phased approach to assess and analyze the ECCs, followed by ECC-specific reports that provided actionable strategies and tactics for improving their security posture.
Phase 1: Physical Assessment
Understanding that many cyberattacks start with a physical security breach, MCP’s subject matter experts (SMEs) visited the ECCs to assess their physical security posture. SMEs looked for things like unlocked external and equipment room doors, presence of security cameras, access controls, and network and system back-ups, among others.
Phase 2: Cybersecurity Assessment
SMEs used technology placed on the ECC’s networks and systems to collect data about its cybersecurity posture.
Phase 3: Analyze Data and Create Report
The collected physical and cyber data were analyzed using MCP’s Model for Advancing Public Safety® (MAPS), a proprietary assessment tool that helps officials understand where their organization stands in key areas and provides a quick view into where they need to prioritize. When focusing on the TECB and the Tennessee districts, there were 15 key assessment factors.
Each ECC received a report that identified and prioritized the risks associated with its unique 911 network and system environment, as well as strategies and tactics to improve its physical security and cybersecurity posture.
In addition to the ECC-specific recommendations, the reports also identified actions that any ECC should take to prevent cyberattacks, from password security best practices, multifactor authentication recommendations and centralized security information to procuring a vulnerability scanning tool and employing end-user security training for staff.
“The report did give us some easy fixes that we will implement immediately,” said Randall Lewis, assistant director of Washington County ECD. “It also gave us some long-term goals that we’re going to try to meet to make our cybersecurity posture a little better.”
“This gave us a real clear picture of where we stand now, and I felt that the reports that were provided were very detailed and a great resource to have going forward,” said Marty Crum, technical assistant/terminal agency coordinator for Lawrence County 911.