If your organization has ever wondered whether it is making measurable progress in combating cyber crime, you’re not alone.
The emergence of new technologies have lowered the bar for modern cybercriminals, expanding the cyber crime landscape beyond a limited group of skilled individuals. This widening pool of cybercriminals is creating new vulnerabilities and new threats on an almost daily basis. Amid this evolving reality, it can be difficult to keep up.
According to the seventh annual Allianz Risk Barometer Survey, cyber risk is now one of the top two global business risks. And there are a number of specific attack avenues organizations are increasingly concerned about:
Malware: Fake download links and phony email attachments – we’ve all seen them. When successful, these malware attacks enable criminals to take control of your machine, monitor actions and keystrokes, and send confidential data from your computer and network. Despite our knowledge of these sorts of attacks, nearly 100 percent of companies report having experienced some form of Malware crime. A recent malware attack on Allentown, Pennsylvania struck the city’s most critical systems – including surveillance camera networks – costing nearly $1 million and forcing the shutdown of some public safety operations.
Web-Based Attacks: Much like malware, the majority of organizations have experienced a web-based attack. Unfortunately, these types of crimes can cost companies 100 times more than malware annually. In fact, one recent event saw hackers steal 45 million records, costing the affected organization nearly $260 million.
Botnets: Blending the words “robot” and “network,” botnets are a network of “bots” that criminals can remotely manage to deploy malware, initiate attacks on websites and steal personal information. These attacks can infect a multitude of devices – devastating an organization. In fact, the recent Mirai botnet saw the shut down of major areas of the internet, including Twitter, Netflix and CNN, as well as the entire country of Liberia.
Lost and Stolen Devices: We do everything on our mobile devices and laptops – send emails and text messages, conduct banking, store personal and corporate information and more! With this wealth of information available, it’s no wonder that nearly 54 percent of the major data breaches tracked by federal regulators since 2009 have been the result of lost or stolen devices.
Denial of Service (DoS): Have you ever tried to access a website and failed? Ever tried to reach a number and got a busy signal? The website or phone line may have been the victim of a DoS attack. These attacks overload an organization’s web or telephony service, flooding it with more traffic than it can withstand. As a result, visitors attempting to access the service are unable to view its content or make a call. That was the case with recent attacks on administrative public safety answering points (PSAP) and emergency communications centers. Perpetrators launched a high volume of calls against the target networks, tying up the service and preventing legitimate calls.
Malicious Insiders: Taking a step beyond insider threats caused by employee negligence, malicious insiders include current or former employees, contractors or business associates looking to gain access to insider information on security practices, data and computer systems. These attacks are difficult to detect and remediation can be extremely costly – with fifty-three percent of companies estimating remediation costs of $100,000 or more and 12 percent estimating a cost of more than $1 million.
Ransomware: Much like it’s name conveys, ransomware takes over a computer and denies access to data unless a ransom is paid. These attacks pose a serious organizational threat, with more than one-quarter of cyber insurance claims resulting from ransomware attacks. And no one is immune. In 2017, WannaCry ransomware hit a number of high-profile targets around the world – impacting more than 300,000 organizations worldwide, with victims receiving a note demanding a ransom of $300 in bitcoin. PSAPs are not immune. Baltimore’s 9-1-1 dispatch system recently experienced a ransomware attack, with hackers infiltrating a server that runs the city’s CAD system for 9-1-1 and 3-1-1 calls, causing the city to revert to manual dispatching for nearly 24 hours. This attack is just one of a recent slew of attacks targeting municipal systems across the country.
In the world of cybersecurity, things are changing at a rapid pace. And while organizations continue to acknowledge the importance of protecting their networks, keeping up with reality can be a challenge. That’s where cyber “resilience” comes in. Moving beyond individual cybersecurity efforts, resilience looks at security as an integral part of an organization’s core business – enabling them to better prepare, prevent, respond and recover from cyber breaches.
Read the full Motorola Solutions White Paper here to learn more about cyber resilience and how your organization can better protect against the growing cyber threat.
Attending APCO? Please join me during the Cybersecurity information track (August 6, 4:30 - 5:30 PM) when I will present “Welcome to the ‘No FUD’ Zone”. During my talk I will explore real events, real impacts and offer a view of the trends in public safety technology to combat cyber threats, as well as what Public Safety personnel can do to help manage the risk.
Troy Mattern is AVP of Products and Services Cybersecurity at Motorola Solutions.
In 2018 Waukesha and Milwaukee County will be fully migrating to a joint P25 mission-critical, digital, radio system for first responders and dispatch personnel. The IP-based system has so many benefits over our previous analog systems not the least of which is our ability to talk across two counties and easily coordinate responses and investigations with multiple agencies. But this sophisticated technology, like all IP based technology, is vulnerable to cyber attacks from unauthorized users, looking to take down the system or hold the system ransom for money.
As we built the new radio system we realized we needed to take a look at our cyber security protocols and make sure we have the appropriate support in place to protect the system against potential impacts from cyber threats such as malware, phishing malicious code, botnets and unauthorized users. Routine software updates and patching is one of the best ways to protect a system. In fact, according to the Department of Homeland Security Cyber Emergency Unit, at least 85% of attacks can be prevented by routinely applying security patches.
To protect the system from cyber threats we use a security update service to manage the complexity. System managers review all available software patches, determine if they are necessary and then test them in their lab to make sure there will be no adverse effects on our system when the patches are implemented. When the upgrades are pushed out into the production environment, they are implemented systematically following a rigid set of protocols to make sure there are no unprotected areas of the system and the users are not impacted. This is beneficial because we have a highly available system, relied on by field and dispatch 24x7, and we need to minimize any downtime. It also controls the number of people who are touching the system and possibly opening the system up to outside intrusions.
Just knowing that there are individuals out there that are dedicated to watching the system, have a baseline for what normal traffic is, and can see when the spikes occur that require action definitely allows me, as an administrator of the system, to relax a little bit and focus on the things I need to focus on which is our people and future enhancements.
My advice to other system administrators is to make sure you know what your cyber security protocols are and make sure it's being done effectively because you do not want to be impacted by a downtime event. Today’s IP systems are much different than the old-school, siloed analog systems; everything is interconnected and vulnerable now. So, it is important to make sure that patches are being done by the people who are specifically designed to support that system.
I invite you to watch a newly released Waukesha County Communications operations video and hear from our people how we are keeping our system and our community safe and secure.
To learn more about the importance of cybersecurity and patching please attend Motorola Solutions’ Troy Mattern, VP of Cybersecurity Products and Services during APCO Cybersecurity Speaking Session: “Welcome to the ‘No FUD’ Zone” on August 6 at 4:30 PM - 5:30 PM.
Gary Bell, Director of Emergency Preparedness for Waukesha County Communications, Wisconsin.
Whether it’s the day-to-day requirements of the job or the unexpected emergency, your teams need to be able to communicate effectively and efficiently. That’s why mission critical communications systems are designed to be resilient – so your organization can function seamlessly even in the midst of the most pressing disaster.
In a crisis, lives depend on effective, unbroken communications. Radios and networks must work – even when faced with high winds, flooding, power outages and more. Today’s land mobile radio (LMR) networks are designed, engineered and tested with this in mind, delivering a unique combination of power, resilience and purpose-built devices.
Powerful Transmitters Reduce Support Needs
A massive hurricane devastates a coastal area. An earthquake topples structures and injures thousands. A tornado cuts across counties, leaving broken buildings in its path.
When disaster strikes, your team needs to focus on response and rescue efforts. You don’t want to be diverting in-demand resources to perform network repairs or deliver supplies.
With powerful transmitters that provide extensive range, LMR and dedicated networks cover large areas with fewer necessary sites. Their greater range gives you more choice in site placement, allowing for strategic placement to increase coverage, provide easier access and ensure strengthened security. In addition, powerful transmitters enable coverage indoors – in buildings with thick walls or underground parking garages – where other tower signals may not be able to penetrate.
By decreasing the number of sites needed, organizations are better able to prepare for emergencies and ensure their sites have adequate back-up supplies, generators and even fuel to withstand a crisis that includes loss of the power grid most commonly associated with natural disasters. Less infrastructure is easier to support and service, allowing your network to remain up and running when you need it most.
Resilient Design Minimizes Disruptions
If the worst-case scenario is to occur, your network needs to be resilient. LMR networks have a proven history of resilience in the most dire of circumstances. Extensive back-ups and redundancies built into these mission critical systems are devised to prevent communication gaps and losses.
Multiple levels of redundancies for key elements and fallback modes are specifically built into the networks to minimize service disruptions and stoppages – even in the most extreme conditions. Geographic redundancy with multiple zones and cores enable the zone to act as its own network if the connection to the main core goes down. Fallback modes incorporate a second core in case the main core goes down. In addition, local site trunking ensures that if part of a network goes down or is disconnected, the local site continues to operate, and users are still able to communicate.
Even with infrastructure down, limited indoor coverage, or in remote, rural areas with no coverage or electricity available, radios are able to engage in device-to-device communication – Direct Mode Operation (DMO) – ensuring that public safety personnel are always connected.
Purpose-Built Devices Thrive in Challenging Environments
Much like the network they run on, your device should be constructed to suit the conditions you work in. That’s why today’s LMR devices have undergone multiple generations of development and user experience testing – ensuring they provide a number of functions integral to mission critical operations.
Dedicated push-to-talk buttons, rugged construction, advanced noise cancellation and high-capacity batteries are all features that have been incorporated into LMR devices with the customer in mind. Whether it’s environments with zero visibility, uniforms that include heavy gloves and protective equipment or situations of high stress, mission critical radios are designed to be easy to use, to let you focus on your work and the task at hand, knowing that you are connected at all times.
Control Provides Backend Security
Today’s public safety agencies want a high degree of control over their systems. LMR networks provide organizations with the authority to manage coverage, set capacity and dictate prioritization.
Control over the coverage, capacity and prioritization of the network provides organizations with the ability to determine who has access to the system, when and where. This control helps to protect your network, making it more resilient and secure.
Unmatched power, proven resilience and purpose-built devices are all fundamental to LMR networks. It is what sets them apart and has established them as the most reliable means of voice communications for public safety. Every day, organizations rely on these networks to stay in touch and to keep our communities safe and thriving.
Learn more about why land mobile radio is mission critical in this video.
Geoff Hobar is Manager, ASTRO Infrastructure Customer Solutions at Motorola Solutions.
Expertise, vigilance and responsiveness in managing your mission critical communication system can give people back the time and peace of mind they need to be their best.
Ever had a leaky faucet? A broken toilet? It happens in our homes, often at an inconvenient time. You have two ways to fix the problem, do-it-yourself or call an expert. Doing it yourself often requires multiple trips to the hardware store, reading a few manuals, searching on line, giving up a few hours of your time and experiencing a lot of frustration. Calling in an expert you trust means the job gets done right, you can go about your daily activities and you eliminate irritations; staying calm.
Do-It-Yourself Can Lead to Worry and Frustration
Much like a leaky faucet but on a grander scale, a mission critical communications system is a complex set of technologies woven together. Managing all the complexity can cause your work teams to constantly need to develop new skill sets, worry about what might happen next, address fire drills and become frustrated and exhausted keeping everything working right.
Use Experts to Manage the Complexity
When a natural disaster strikes such as a tornado, flood or hurricane, you’ve purposely designed your communication network to be always available keeping your workforce mobilized end-to-end.
But even with all of the best plans, natural disasters can tax a system as complex as a public safety communication system. Off-loading the seamless deployment and management of your communication system to a trusted, capable partner can leave your team free to focus, on your operations, the mission and not the systems you use. A team of specialists will work side-by-side with your team, anticipating problems before they are problems and putting corrective actions into place. Now you can simplify the complexity of deploying and managing technology with support from mission-critical communication experts, who deliver an always on, resilient, private and secure communication network.
Let Calm Prevail
Having a comprehensive service plan is not just about managing the technology; it is about giving your organization back time and peace of mind. Allowing your personnel to feel calm and confident that the right plans are in place, the right people with the right skills are on the job and peace of mind that everything will work. It’s what it feels like when you trust your technology partner and move forward with minimal second guesses or what if’s.
Free your teams to move faster and think further ahead with mission critical communications that maximize your operational efficiencies. Watch Manage the Complexity. Calm Prevails.
Josie Slaughter is Head of Services Marketing at Motorola Solutions.
Check out our Managed and Support Service offerings and get peace of mind from a company you trust.
From Equifax and Uber to Meltdown and Spectre, cyber attacks and data breaches are making headlines globally. As cyber crime continues to proliferate throughout both the public and private spheres, governments and businesses are becoming increasingly concerned about their cybersecurity – and with good reason.
While the total number of data breaches and record exposures often fluctuates, organizations are seeing a continued upward trend. According to the Identity Theft Resource Center, the number of U.S. data breaches tracked in 2017 hit a new record high, increasing from the previous high established in 2016 by nearly 45 percent and compromising more than 174 million records.
In addition, the cost of cyber crime is accelerating. The Center for Strategic and International Studies now estimates that the annual cost of cybercrime to the global economy is more than $400 billion USD. Rapid digitalization is expected to increase the cost of data breaches to more than $2 trillion globally by 2019.
Cyber threats have evolved rapidly in recent years and are no longer relegated to a limited number of skilled individuals. New threats such as “cyber hurricanes” – a single attack where hackers disrupt large numbers of companies through common internet infrastructure dependencies – mean businesses are more concerned than ever before. In addition, malware-for-hire, bot net, exploit kits and ransomware packages have lowered the bar for cybercriminals and created new vulnerabilities. Cyber risk has now moved into the top two global business risks, according to the seventh annual Allianz Risk Barometer Survey.
It is clear that cyber is becoming a critical threat to both governments – faced with a potential for undermined national security – and businesses – tasked with storing confidential customer and client information. The result is a growing focus on cybersecurity. Cybersecurity products and services are fueling the global market, with spending expected to reach $170 billion by 2020.
Despite the attention cyber attacks continue to garner and despite the growing calls for increased cybersecurity, many organizations struggle to comprehend and manage emerging cyber risks in today’s increasingly complex digital society. This is compounded by an emerging cybersecurity workforce gap. According to the Global Information Security Workforce Study, this gap is on pace to reach nearly 2 million by 2022. Already, 51 percent of agencies report that they could use at least one more employee to cover necessary data security tasks.
In a world which is increasingly dependent on digital technology and interconnectedness – developing resilience to withstand cyber attacks is critical to future success. Advanced cyber attack techniques, new attack vectors from open networks, an industry-wide lack of security expertise and a disconnect between spending on cyber tools and increased security are challenging the implementation of a holistic cyber strategy. Read the full Motorola White Paper here to learn more about the evolving cybersecurity landscape.
Troy Mattern is the Vice President for Product and Services Cybersecurity at Motorola Solutions.
When lives are on the line, you need reliable, secure, unbroken communications. From the most extreme moments to the day-to-day, emergency personnel depend on mission critical communications to do their jobs effectively and keep our communities safe – it is their lifeline.
Today, mission critical communication plays a vital role in enabling emergency personnel to stay connected and protect communities around the world. Public safety organizations and agencies – including national, local, state and regional police, fire, and emergency medical services – have long turned to narrowband, two-way radio for their mission critical communication needs. These land mobile radio (LMR) networks have long served to deliver proven, reliable voice communication in life-and-death situations.
However, public safety needs are evolving – and that evolution requires new forms of communication. The past fifteen years have seen advances in mobile broadband technology drive the growing demand for real time data. Within public safety, agencies are leveraging this advanced mobile intelligence to access video, pictures and location data to resolve incidents and make informed decisions in real time. As organizations continue to incorporate data into their workflow and mobile broadband plays a larger role in the mission critical communications mix, agencies may find themselves struggling to navigate the complex and ever-evolving mission critical public safety communications landscape.
More than 20 years ago, Motorola Solutions recognized the need for an efficient, easy-to-understand benchmark for evaluating technology choices. In response, we introduced the five Cs of critical communication – coverage, capacity, cost, control and capability. Today’s environment requires you to consider a sixth C – cybersecurity.
Together, these six Cs play an important role in effectively assessing mission critical communications. You want to make sure you make the best decisions for the people on the front lines. With a multitude of information discussing the pros and cons of both LMR and mobile broadband, making the right choice can seem like a daunting task.
But maybe it doesn’t have to be! In fact, many industry leaders argue that the right solution for public safety is to leverage both options in order to achieve mission critical communication success. Today, and in the near future, there is no one system that can successfully provide both mission critical voice and broadband data communications. As public safety agencies around the world explore different ways to address their needs for reliable communications, the solution is to leverage both LMR and mobile broadband. These serve as complementary technologies – with LMR providing essential mission critical voice communications and mobile broadband providing additional data-driven capabilities. Together, they provide a collaborative solution that is able to respond effectively and efficiently to today’s public safety communication needs.
By bridging these two technologies and connecting LMR and mobile broadband networks together, public safety agencies are creating forward-thinking, collaborative networks that address all of the six Cs of mission critical communications – coverage, capacity, cost, control, capabilities and cybersecurity.
Capacity: Are your communications systems capable of supporting everything and everyone they need to during times of crisis? Will calls be prioritized so the most important information gets through first? A successful mission critical communication system seamlessly handles mass call volumes, prioritizes important calls and ensures necessary agencies are able to access the network. It must be engineered to address peak usage and right-sized to your organization’s specific needs to ensure calls always get through – regardless of the circumstances. Current LMR networks are designed for emergencies with capacity calibrated for maximum usage. By including mobile broadband, your agency is able to extend your user base and ensure that all critical individuals are able to access the communications network.
Coverage: Does your system meet your unique geographical and performance requirements? No one can predict where the next incident will occur. You need a robust communication system with superior coverage across your entire jurisdiction and sufficient back-up and redundancies to prevent communication gaps and losses. Infrastructure should be easily supported and serviced to ensure your network stays up and running when it’s needed the most. As LMR devices transmit with more power, LMR networks often require less infrastructure to provide the same level of coverage. This streamlined infrastructure is easier to support. In addition, LMR devices also work in Direct Mode Operation (DMO) if the network does goes down, allowing them to communicate device-to-device. Running collaborative LMR and mobile broadband networks means you can have the mission critical voice and data coverage you really need. The resiliency of P25 LMR networks in Florida and Texas was proven during recent events – including Hurricane Irma and Hurricane Harvey – where the systems continued to operate with minimal disruption of coverage.
Control: How much control do you want over system requirements, design, features and operations? Is it important for your organization that your system is configured for a specific use case? Many public safety agencies want a high degree of authority over their systems. They want control over the coverage and capacity of the network. But they also want to control who has access to the system and who has priority, monitor what changes need to be made and when, and track the status of all users. In addition, these controlled networks streamline management and provide network health visibility at all times. Bridging your LMR and mobile broadband networks, giving you unified fleet maps, access rights and prioritizations means you have the control of your network you need.
Costs: How would your return on investment improve if your system supported both voice and data? Your agency doesn’t want to have to compromise mission critical features because of budgetary concerns. Analyzing the cost of both LMR and mobile broadband networks highlights two very unique, divergent financial structures. Traditionally, implementing an LMR network requires a larger one-time initial financial output to develop infrastructure, followed by ongoing, set monthly fees for upkeep and services. Conversely, subscribing to a commercial mobile broadband network is less expensive at the outset, but recurring airtime fees and other data charges can be unpredictable. Determining if the expense scales appropriately with the size of you fleet will be something you need to consider. In addition, mobile broadband requires more bandwidth than narrowband LMR systems, meaning additional sites may be needed to provide the same level of coverage. Building a plan based on collaboration between LMR and mobile broadband networks can provide your organization access to the most up-to-date communications technology for both voice and data and give you access to the capabilities you need while reducing your implementation and operational costs.
Capability: Voice is critical, but does your organization also need data capabilities? Through multiple generations of development and user experiences, LMR systems provide a number of functions essential to mission critical operations. Push-to-talk, intuitive design, rugged construction, unique ergonomics, advanced noise cancellation and high-capacity batteries are all features that have been incorporated into LMR devices with the customer’s environment in mind. Robust priority and pre-emption, dynamic grouping, even low-latency call setup are all inherent to LMR technology, ensuring that a critical call gets through. In addition, LMR technology is decentralized and built for resilience – if part of a network goes down or is disconnected from the rest, LMR continues to operate. Multiple levels of redundancy and fallback modes are built into the networks to minimize service disruptions under even the harshest of conditions. With a design philosophy born in delivering mission critical audio, LMR is unable to support the wide diversity of data-driven applications provided by mobile broadband. Today, 70 percent of agencies believe access to real-time date in the field is ‘critical.’ Mobile broadband continues to open up the world of video streaming and data applications, providing emergency personnel with access to real-time surveillance video, high-resolution photos, bi-directional vehicular video, and dynamic mapping and routing. This, in turn, is improving operational efficiency and promoting intelligent decision making. With LMR and mobile broadband providing their own set of unique capabilities, choosing between the two can be a challenge. By bridging both technologies, your organization is able to take advantage of the robust offerings provided by LMR and mobile broadband - mission critical voice and mission critical data. This synergy between voice and data is the future of mission critical communications.
Cybersecurity: Are your mission critical communications secure? Globally, the number of cybersecurity breaches has increased by nearly 30 percent annually. It is clear that security is a real concern for public safety agencies. As communication evolves to include voice, data and video capabilities, the risk of cyber attacks for both LMR and mobile broadband networks is expanding. Mobile broadbands’ variety of applications and internet connectivity introduces new opportunities for breaches. With LMR voice communications, the movement away from self-contained, proprietary technology toward IP-based infrastructure and broadband interconnectivity is increasing network “attack surfaces.”So whether you are utilising LMR, mobile broadband or both you need to be aware of cyber security threats. Fortunately, both LMR and mobile broadband networks continue to adapt to emerging cyber threats, including additional security measures, continued updates and innovative encryption services. Looking ahead, those networks that utilize security best practices and open standards will be better positioned to protect against cyber attacks.
When it comes to mission critical communications, having the right technology for the right operations is key. As data continues to proliferate and networks become increasingly complex, bridging LMR and mobile broadband enables your organization to combine their unique strengths into a blended network that best meets the complex demands of public safety. Leveraging the best of both LMR and mobile broadband ensures your organization has all of the six Cs of mission critical communications – coverage, capacity, cost, control, capabilities and cybersecurity.
John Kedzierski is Corporate Vice President of Systems and Infrastructure Solutions at Motorola Solutions.
(1) “5 Trends Transforming Public Safety Communications,” Motorola Solutions, 2015.
(2) “Cost of Cyber Crime Study,” Ponemon Institute and Accenture, 2017.