Today’s law enforcement, fire/rescue and emergency medical services (EMS) and 9-1-1 agencies have numerous communications systems and applications that play a critical role in supporting their critical mission of preserving lives and property. These systems and applications often are interconnected, but they always are interrelated.
Despite this interrelation, public safety managers often do not have a holistic perspective on how these systems interact. In some cases, they aren’t even aware of all of the systems and applications that are being leveraged by the agency.
This is problematic on several levels:
- Agencies often make changes to their communications systems, for example when vendors release a new software or firmware version. If the agency does not have holistic visibility into its systems and how they interconnect/interrelate, a change can have a detrimental effect on another system. In a worst-case scenario, a change could trigger a cascading series of events that leads to one or more system failures.
- It is difficult, if not impossible, for an agency to chart a course for the future—and secure the desired funding—when it does not have an intimate, up-to-date knowledge of its systems. Said another way, how does one determine what is needed—and then convince policymakers of the need—if one is unaware of what it has, or its current condition? This becomes even more complicated when an agency has multiple PSAPs.
- Moreover, when such depth of knowledge is lacking, it is exceedingly difficult for an agency to know what questions to ask of its vendors. The result is that systems often are over- or under-engineered.
- As previously mentioned, today’s communications systems are often interconnected. The interconnection of systems creates multiple entry/access points that can be leveraged to launch intrusive attacks. Knowing where every entry/access point exists in every system is the first step toward cybersecurity—but it is a step that cannot be taken without a deep, up-to-date knowledge of system assets.