SUBSCRIBE NOW
IN THIS ISSUE
PIPELINE RESOURCES

Securing Next Gen 9-1-1

By: Jesse Cryderman

Few telecommunications systems are as important as the emergency response platform that effects everyone in the U.S., 9-1-1. This analog system is comprised of public-safety answering points (PSAPs) and relies on telco billing-system data to provide location information for first responders. The faster this data can be pulled and distributed to the appropriate teams, the better: swift palliative care following a serious injury improves survival rates, and fires that are suppressed early cause less personal and property damage. Simply put, speed saves lives, so how can emergency response systems benefit from the speed advantages offered by digital automation?

Like many other systems that are undergoing evolution, 9-1-1 is being overhauled as well, and the result is Next Generation 9-1-1 (NG9-1-1). By moving to the IP realm and relying on several informational databases, NG9-1-1 not only dramatically shortens response times but improves location accuracy and can be provisioned to distribute additional pertinent information to emergency response teams. While 9-1-1 was designed for landline communications and tweaked to support cellular, NG9-1-1 is engineered from the ground up to accommodate the many different ways people communicate now, including VoIP, cellular and text messaging. Transitioning to an IP-based system increases security risks, however, and since 9-1-1 is such a critical system, a fortified security platform must be applied to ensure uptime, resiliency and dependability.

This Isn't Your Father's 9-1-1 Service

While NG9-1-1 is an IP-based system, it has a unique set of features that pose some different challenges from a security perspective. Unlike traditional computing systems, where security patches and upgrades are regularly applied and the system is subsequently rebooted, NG9-1-1 systems must avoid downtime at all costs. Also, data protection and network requirements are significantly higher in these systems than in traditional peer-to-peer IP networks. "An NG9-1-1 system must deliver a secure, resilient and redundant IP-enabled network with 99.999 percent uptime," writes top NG9-1-1 consultancy firm L.R. Kimball.


At the same time, NG9-1-1 shares many of the same challenges that face all IP-based platforms. Transitioning from relatively discrete analog systems to interconnected IP-based systems dramatically increases the number of entry points — and therefore exposure risk — and human security compromise, whether intentional or by mistake, represents a significant threat. In addition NG9-1-1 systems must implement physical security and redundancy similar to that of data centers and cloud providers, including redundant power, anti-flammable and anti-static surfaces, intrusion detection, physical access monitoring and logging, and more.

NG9-1-1 requires "a foundation of cyber security hardware and software measures to protect the network from being checkmated by malicious opponents or accidentally taken down by users," writes L.R. Kimball. Current 9-1-1 systems, although slower and analog based, aren't vulnerable to denial-of-service attacks, MAC address spoofs or internationally distributed malicious viruses. Without an exhaustive cybersecurity framework for NG9-1-1, public safety is at risk.



FEATURED SPONSOR:

Latest Updates





Subscribe to our YouTube Channel