The Mission-Critical Resource Center

MCP Helps TECB Address Cybersecurity Vulnerabilities at Emergency Communications Districts Across Tennessee

In Summary

  • The Tennessee Emergency Communications Board (TECB) provides management and operations support to Tennessee's 100 emergency communications districts (ECDs), which in turn provide emergency communciations services to the state's citizens and visitors via 119 primary and 24 secondary or backup emergency communications centers.
  • Because of cybersecurity threats, the TECB decided that it needed a baseline security and cybersecurity assessment of Tennessee's 911 environment, and the Board partnered with Mission Critical Partners to conduct the assessment.
  • As part of the project, each ECC received a report that identified and prioritized the risks associated with its unique 911 network and system environment, as well as strategies and tactics that each ECC could use to improve its physical security and cybersecurity posture.

Background

The TECB is transitioning to a statewide emergency services Internet Protocol (IP) network (ESInet) that will provide the transport architecture necessary to deliver 911 calls to Next Generation 911 (NG911)-compliant ECCs. NG911 is an advanced broadband communications system that enables the transmission of real-time text, images and video, in addition to voice, to help improve emergency response. 

Like any IP network, an ESInet is inherently vulnerable to cybersecurity risks, and government entities—including public safety agencies—increasingly are falling victim to such attacks.

The TECB decided that it needed a baseline physical security and cybersecurity assessment of Tennessee’s 911 environment. The board partnered with MCP to conduct the assessment.

How MCP Is Helping

Funded in part by a 911 Grant Program jointly provided by the U.S. Department of Transportation and Department of Commerce in 2019, the participating ECCs receive the following:

  • An assessment of its computer-aided dispatch (CAD) system and call-processing networks
  • An assessment of its physical security
  • A report that identifies the resolvable cybersecurity vulnerabilities and provides recommendations so that plans may be developed to address deficiencies 

Each ECC received a report that identified and prioritized the risks associated with its unique 911 network and system environment. The report also presented strategies and tactics that each ECC could use to improve its physical security and cybersecurity posture. In addition to the ECC-specific recommendations, the reports also identified actions that any ECC should take to prevent cyberattacks.

After participating in the cybersecurity assessment project, Crum offered the following advice: “Everybody needs to have it done—it’s not a matter of if your agency is hit by a cyberattack, but when. …Thanks to this assessment, we know where we stand, and what we need to do to make our systems even more secure,” said Marty Crum, Lawrence County, TN 911.

To learn more, download the case study using the form provided below.