Cyber Community

Staying Operational is Essential

Developing a cyber security culture within an organization is about diligence in protecting the authority's public safety obligation, information, and environment . Having a regular training programme is essential. The training begins with email and ends with preservation of life and structures.

Police and security use tools far beyond a computer to protect people and critical infrastructure, and its all tied into using internet protocols. So what happens when there is a denial of service - how do we efficiently and effectively provide a secure environment?

Using technology to support law enforcement and security personnel is crucial; it is a mainstay in protecting the environment.

Policies and procedures must be in place to help public safety and security workers ensure technology is usable and beneficial.

What Happens If It's Not?

PLAN!

The cyber community is worldwide and has few actual restrictions or controls regulating activity or the transfer of information. People in the cyber world can remain completely anonymous during communication if they wish to. The lack of restrictions enables great vulnerability to authorities' critical infrastructure and, at times, public safety.

Police and security often do not think about cyber security as their responsibility but that of the technology department. Although it is their responsibility, it spills over to security in several ways, from communication, cameras, and computers, to name a few. NO! It is a shared responsibility from IT to all personnel, to police and security. Respectively, each has different and shared responsibilities. Once more, depending on the scope of denial of service, it can fall over to the shared critical infrastructure network: police, security, fire, medical, government,military, and industry.

The basics include written procedures for the authority

Regular training for all employees with internal challenges

Tabletop exercises

Enhanced security protocols for the management of security

Notebooks for written reports

Incident Response

Law enforcement and security executives must understand their systems can and will be attacked. Preparing for and rehearsing the response to such an incident is critical. How the IT partner will respond to such an attack must be determined because experience has shown that virtually no organization has all of the highly-trained resources necessary to mount a comprehensive response.

If internal resources do not exist to respond, the services of external professionals will be necessary to manage all aspects of a response. These include detection, triage, and communication; evidence preservation; hard drive imaging; and network-based evidence acquisition. These specialized services will be less expensive if arranged in advance rather than introduced during an emergency.

Identify levels of preparedness:

  1. Awareness

  2. Information Sharing

  3. Policy and Procedures

  4. Planning

Determine the training that is needed to reach each level., and who needs the training.

Assessments need to be reviewed at two levels:

  1. Technical

  2. Non-technical