By Scott Kaine
In recent years, public safety agencies – including law enforcement – have found themselves the target of cyberattacks, with law enforcement operations suffering from ransomware-induced downtime and sensitive data exposures on criminal forums. Cyberthreat actors of varying motivations are exploiting police to make money, make a statement or make a name for themselves.
Cyberattacks have occurred in the United States, as well as against police in India, Thailand, Ukraine, Canada, the United Kingdom, Argentina and Switzerland. Law enforcement agencies have fallen victim to cyberattacks at rates slightly higher than average than the broader public safety community. Based on the available attack data, as well as historic attacks prior to this reporting period, police worldwide are targets for cyberattacks and will remain so for the foreseeable future.
It is critical to stop cyber adversaries in the early stages of an attack. Strategies can involve disabling unused services, enforcing multi-factor authentication and patching regularly, especially prioritizing internet-facing services, to name just a few tactics. The challenge is that agencies need resources dedicated to uncovering risks, which requires cybersecurity talent familiar with the cyberthreat actors targeting the law enforcement community and the equipment, software and internet-based resources officers and investigators use every day.
For many agencies, this responsibility falls to the agency’s IT director. In smaller police agencies, IT support resides within the municipality. Agencies face the added reality that it is hard to recruit and retain cybersecurity expertise during a worldwide cybersecurity talent shortage, not to mention the difficulty of cash-strapped law enforcement agencies and municipalities competing for talent with the private sector, where starting salaries for entry-level cybersecurity staffers can range between $95,000-$150,000.
Cybersecurity backup for public safety
The public safety community isn’t alone in dealing with cybersecurity risks. Even the best-resourced industries have difficulty finding cybersecurity talent. That’s why industries like financial services, defense, energy, critical infrastructure, healthcare and technology have turned to information sharing and analysis centers and organizations (ISACs/ISAOs) to help understand and reduce their cybersecurity risk through the sharing of actionable information and intelligence amongst member organizations.
ISACs resulted from the 1998 Presidential Decision Directive-63, which required each critical infrastructure sector to establish sector-specific organizations to share information about threats and vulnerabilities.
An ISAO is a trusted community that actively collaborates to identify and share details about cybersecurity threats. The 2015 Executive Order by then-President Obama, which established the concept of ISAOs, recognized the critical role that public-private security partnerships play in our collective cybersecurity posture. In my role as head of cybersecurity for Motorola Solutions, I am honored to spearhead the ISAO for the public safety community: the Public Safety Threat Alliance (PSTA).
What is the Public Safety Threat Alliance (PSTA)?
The PSTA operates as a single organization focused on the collection, analysis, production and sharing of actionable cybersecurity threat information and intelligence. Think of it as a consistent cybersecurity backup unit, at the ready with available information and intelligence to help mitigate risk when agencies need it. The goals of the Public Safety Threat Alliance are to:
- Centralize information from members and trusted partners, including the Cybersecurity and Infrastructure Security Agency (CISA), other ISACs/ISAOs and nonprofits dedicated to sharing cybersecurity threat intelligence.
- Deliver end-to-end threat intelligence and proactive defense solutions.
- Reduce the cybersecurity burden on public safety organizations, like law enforcement agencies, so they can focus on their no-fail missions ensuring the safety and security of their communities.
Any law enforcement agency, regardless of whether they are a Motorola Solutions’ customer, is invited to join the PSTA and can register for a free membership at https://motorolasolutions.com/psta.
Participating law enforcement agencies are not required to share threat information with the PSTA, but the more they do, the better positioned the ISAO will be to help improve the overall cybersecurity posture of the entire public safety community. Information provided by law enforcement agencies and other public safety agencies on threats and attacks is processed by the PSTA and anonymized to create actionable intelligence for member law enforcement agencies and other member public safety agencies.
It’s time to prioritize backup
The cybersecurity threat to law enforcement agencies isn’t going away. The PSTA serves as the backup agencies need to mitigate their cybersecurity risk. Cyberattacks against law enforcement agencies will continue to grow, but agencies don’t have to go it alone. The PSTA can help agencies reduce their risk by safely and securely sharing information about cyberthreats and attacks with their counterparts in the public safety community.
About the author
Scott Kaine is corporate vice president of cybersecurity for Motorola Solutions and spearheads the Public Safety Threat Alliance.