Fact Sheets and Newsletters

Emergency Management and Response Information Sharing and Analysis Center (EMR-ISAC) March 2017 Newsletter on Cybersecurity

This is the March 2017 Emergency Management and Response Information Sharing and Analysis Center's (EMR-ISAC) newsletter and contains articles on cybersecurity best practices for emergency services.

Adobe PDF document
Emergency Management and Response Information Sharing and Analysis Center (EMR-ISAC) November 2017 Newsletter on Cybersecurity

This is the November 2017 Emergency Management and Response Information Sharing and Analysis Center's (EMR-ISAC) Infogram newsletter and contains articles on cybersecurity best practices for emergency services.

Adobe PDF document
NASCIO Resources on Cybersecurity Awareness

This webpage provides an overview of public sector cybersecurity resources from NASCIO, the states, and key experts and stakeholders in the field.

website
OEC NG911 Cybersecurity Primer

This fact sheet by the Office of Emergency Communications provides an overview of NG911 cyber infrastructure, conveys the cyber risk landscape associated with NG911, offers an approach for assessing and managing risks, and provides additional NG911 resources.

Adobe PDF document
SAFECOM Blog on Improving the Cybersecurity Posture of NG911 Systems

SAFECOM blog post from 2016 gives an overview of the DHS Office of Emergency Communication's NG911 Cybersecurity Primer fact sheet and summarizes the primer's recommendations for systems administrators who intend to improve their NG911 systems.

website
US-CERT Critical Infrastructure Cyber Community Voluntary Program Webpage

This is a link to the US Computer Emergency Readiness Team's (US-CERT) Critical Infrastructure Cyber Community Voluntary Program (C³) website.

website


Policies and Implementation Guides

APCO Cybersecurity Guide for Public Safety Communications Professionals

This APCO white paper provides information for public safety communications professionals on the ongoing threats to their networks and recommends ways to prevent, mitigate, and report cyber threats and attacks.

Adobe PDF document
APCO Introductory Guide to Cybersecurity for PSAPs

This APCO guide informs PSAP supervisors how to identify, prevent and minimize exposure to cybersecurity risks and vulnerabilities.

Adobe PDF document
DHS Cybersecurity Strategy

DHS Cybersecurity Strategy document from 2018 provides the framework to execute cybersecurity responsibilities during the next five years to keep pace with the evolving cyber risk landscape by reducing vulnerabilities and building resilience; countering malicious actors in cyberspace; responding to incidents; and making the cyber ecosystem more secure and resilient.

website
NASCIO Cyber Disruption Response Planning Guide for States

This guide by NASCIO encourages states to develop their own cyber disruption response plans and provides guidance on what a cyber disruption is and how states should proceed in developing capabilities to plan for, prevent, mitigate and respond to such events.

Adobe PDF document
NIST Computer Security Resource Center Website

This is a link to the National Institute of Standards and Technology library of Computer Security Resource Center materials.

website
NIST Cybersecurity Framework Webpage

This website provides latest updates from the National Institute of Standards and Technology's (NIST) Cybersecurity Framework. Resources include the latest version of the NIST's Framework for Improving Critical Infrastructure Cybersecurity, industry resources, frequently asked questions, and a variety of presentations.

website
TFOPA Report on Optimal Cybersecurity Approach for PSAPs

This supplementary report by the FCC's Task Force for Optimal PSAP Architecture (TFOPA) provides expanded cost estimates to include implementation of proposed cybersecurity options at the local, State and Regional levels and operational costs based on graded levels of service and traffic. The WG also expands on the previous recommendations of incorporating various types of sensors and monitoring into the overall approach for cyber defense.

website


Reports and Studies

APCO Best Practices Guide on Cybersecurity Attacks: Detection and Mitigation

This document, published by APCO in 2018, is a best practices guide to implementing effective cybersecurity policies and procedures within the PSAP.

website
CSRIC Report on Cybersecurity Information Sharing 2017

This report examines and provides the FCC recommendations that encourage sharing of cybersecurity information between companies in the communications sector.

Adobe PDF document
CSRIC Report on Cybersecurity Workforce Development Best Practices and Recommendations 2017

This report examines actions to enhance the transparency, skill validation, and best practices relating to recruitment, training, retention, and job mobility of personnel within the cybersecurity field.

Adobe PDF document
CSRIC Report on Remediation of Server-Based DDoS Attacks 2014

This report responds to the FCC's questions and provides recommendations for mitigating the incidence and reducing the impact of Distributed Denial of Service (DDoS) attacks across 911 systems.

Adobe PDF document
CSRIC Report on State Emergency Alert System (EAS) Plans 2014

This report responds to the FCC's questions and provides recommendations for creating certain uniform Emergency Alert System (EAS) state plan elements.

Adobe PDF document
FCC Report on Creating a Culture of Cybersecurity in America's 911 Call Centers

This FCC article outlines resources available and steps that PSAPs of all sizes can take to protect themselves from cyber threats at 911 call centers.

website
GAO Report on Comprehensive Planning to Enhance Cybersecurity of Public Safety Entities' Emerging Technologies

This document is a GAO report that reviews federal coordination with state and local governments regarding cybersecurity at public safety entities, with the objective to determine the extent to which federal agencies coordinated with state and local governments regarding cybersecurity efforts.

Adobe PDF document
Mission Critical Partners Webinar on Strategies to Mitigate Cyber Risks in Today's PSAP

This is a 60-min webinar by Mission Critical Partners discussing how today’s PSAPs are increasingly vulnerable to cyber threats as new and emerging technologies enter the PSAP.

website
SAFECOM Blog on Improving the Cybersecurity Posture of NG911 Systems

SAFECOM blog post from 2016 gives an overview of the DHS Office of Emergency Communication's NG911 Cybersecurity Primer fact sheet and summarizes the primer's recommendations for systems administrators who intend to improve their NG911 systems.

website
University of Colorado Boulder Report - Understanding and Solving the Problems that Non-Service Initialized Devices and Non-Emergency 911 Calls Use for PSAPs, First Responders, and the Public

This is a white paper by the University of Colorado Boulder that discusses the issues related to non-service initialized (NSI) devices, what actions can be taken to reduce the risk posed by the large number of NSI devices currently in circulation, and how these might impact the populations that depend on NSI devices to maintain access to emergency services.

Adobe PDF document
US-CERT Critical Infrastructure Cyber Community Voluntary Program Webpage

This is a link to the US Computer Emergency Readiness Team's (US-CERT) Critical Infrastructure Cyber Community Voluntary Program (C³) website.

website


Standards and Regulations

FCC Notice of Inquiry Concerning 911 Access, Routing, and Location in Enterprise Communications Systems

This FCC Notice of Inquiry from September 2017 asks a broad range of questions about the capability of enterprise-based communications systems (ECS) – internal phone systems used in places like office buildings, campuses and hotels –to provide access for 911 calls.

website
NENA Next Generation 911 Security (NG-SEC) Audit Checklist

This NENA checklist provides a summary of the requirements and recommendations detailed in the NG-SEC standard and provide the educated user a method to document a NG-SEC Audit. This Information Document is a companion to the NENA 75-001 - NENA Security for Next Generation 9-1-1 (NG-SEC) Standard.

website


Training Opportunities

National Conference of State Legislation Cybersecurity Training for State Employees

This webpage by the National Conference of State Legislation lists cybersecurity training offered in each state and provides links if available to state cyber training resources.

website
Texas A&M Engineering Extension Service's Cybersecurity Training Courses

This site hosted by Texas A&M Engineering's Extension Service (TEEX) offers a wide range of online and face-to-face cybersecurity training opportunities. Web-based courses are offered through three discipline-specific tracks: general, non-technical computer users; technical IT professionals; and business managers and professionals.

website