Public Safety Cyber Guidelines

APCO: An Introduction to Cybersecurity

An Introduction to Cybersecurity: A Guide for PSAPs by APCO International

ABSTRACT: “The primary goal of this document is inform PSAP supervisors (and above) how to identify, prevent and minimize exposure to cybersecurity risks and vulnerabilities. It can be used to help PSAPs develop policies and procedures and raise awareness of areas that require further consideration. Case studies have also been provided in order to demonstrate how theoretical vulnerabilities have manifested into operationally impactful events.”

Read More
DHS: Implementation Guidance

Emergency Services Sector Cybersecurity Framework Implementation Guidance by the Department of Homeland Security (DHS)

ABSTRACT: “This Implementation Guidance aims to simplify the process for all organizations in the Emergency Services Sector— regardless of their size, cybersecurity risk, or current level of cybersecurity sophistication—to apply the principles and best practices of risk management. Ultimately, the Framework and this Implementation Guidance are focused on helping individual organizations reduce and better manage their cybersecurity risks, contributing to a more secure and resilient sector overall.”

Read More
FCC: Optimal PSAP Architecture

Task Force on Optimal PSAP Architecture (TFOPA): An FCC Federal Advisory Committee Adopted Final Report by Federal Communications Commission (FCC)

ABSTRACT: “This final report is organized around the three major PSAP focused work efforts of the Task Force, including Cybersecurity, the Optimal Approach to NG9-1-1 Architecture Implementation, Optimal and NG9-1-1 Resource Allocation.  It essentially consolidates the results of those work efforts into one document, with a common executive summary, and summarized set of findings and recommendations.”

Read More
NIST: Improving Critical Infrastructure

Framework for Improving Critical Infrastructure Cybersecurity by National Institute of Standards and Technology (NIST)

ABSTRACT: “The national and economic security of the United States depends on the reliable functioning of critical infrastructure. To strengthen the resilience of this infrastructure, President Obama issued Executive Order 13636 (EO), “Improving Critical Infrastructure Cybersecurity,” on February 12, 2013.1 This Executive Order calls for the development of a voluntary Cybersecurity Framework (“Framework”) that provides a “prioritized, flexible, repeatable, performance-based, and cost effective approach” to manage cybersecurity risk for those processes, information, and systems directly involved in the delivery of critical infrastructure services. The Framework, developed in collaboration with industry, provides guidance to an organization on managing cybersecurity risk.”

Read More
NCCIC: Joint Analysis Report

Joint Analysis Report (JAR-16-20296A) by Department of Homeland Security (DHS) and Federal Bureau of Investigations (FBI)

ABSTRACT: “This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.”

Read More