Public safety systems, such as the networks used to route 911 calls or enable communications between first responders, are getting their own platform for sharing information on cyber threats.
Communications and security equipment provider Motorola Solutions Inc. plans to announce the formation of the Public Safety Threat Alliance Wednesday, an information sharing and analysis organization, or ISAO, designed to allow participants to disseminate details about cyberattacks and hacking threats.
Motorola expects to begin sharing cyber information with its existing public safety customers on Friday, said Scott Kaine, the company’s vice president of cybersecurity services. The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency gave approval to the group to operate as an ISAO, meaning it will be open to all relevant parties, including Motorola’s competitors.
Public safety officials say the ISAO, the first of its kind in public safety, is sorely needed.
While 911 services have occasionally been hacked, cyberattacks that directly target first responders are increasing, and officials say public safety systems now have to grapple seriously with cybersecurity.
Some states have had their 911 systems taken offline by ransomware, while others have seen critical radio systems impacted by other malware, said Brad Stoddard, director of the office of Michigan’s Public Safety Communications System.
Typically in public safety systems, cybersecurity specialists split their time as engineers or more general technology workers, Mr. Stoddard said, and dedicated cyber experts elsewhere often lack an intimate understanding of the challenges facing public safety systems.
“Unfortunately, when there’s a lot of cyber or general security specialists around, there’s usually a knowledge set around IT, but not one as in-depth around emergency communications,” he said. Having a dedicated ISAO to share information tailored to public safety systems will help close that vulnerability, he said.
Most critical infrastructure sectors operate information sharing and analysis centers, or ISACs, which tend to strictly share information about that sector. For an area such as public safety, however, which deals with threats that aren’t specific to one area, the ISAO model allows a greater degree of flexibility that includes training for employees who might not have had to deal with cybersecurity in the past.
“There’s great information coming from the different ISACs, which obviously includes information from federal, state and local sources, but this is really a great way to bring that all together,” said Tasha Cornish, executive director for the Cyber Association of Maryland, a nonprofit organization focusing on cybersecurity and workforce issues.
While the organization will initially focus on the U.S., Mr. Kaine said, he hopes that its membership will eventually expand internationally. He expects to have between 2,000 and 3,000 members over time.
“Several years ago, I think it would have been a bit challenging to get enough interest. Now, people are ready to go,” he said.