Cyber Community

Staying Operational is Essential

Developing a cybersecurity culture within an organization is about diligence in protecting the authority's public safety obligation, information, and environment. Having a regular training programme is essential. The training begins with email and ends with the preservation of life and structures.

Police and security use IP tools to manage a multitude of security systems within a security environment. These systems must be protected to ensure public safety and critical infrastructure. This requires an integration of team functions between law enforcement and security, those who manage the technical functions of IP. An insider or denial of services is everyone's responsibility. How do we efficiently and effectively provide a secure environment?

Using technology to support law enforcement and security personnel is crucial; it is a mainstay in protecting the environment.

Policies and procedures must be in place to help public safety and security workers ensure technology is usable and beneficial.

What Happens If It's Not?

PLAN!

The cyber community is worldwide and has few actual restrictions or controls regulating activity or the transfer of information. People in the cyber world can remain completely anonymous during communication if they wish to. The lack of restrictions enables great vulnerability to the authorities' critical infrastructure and, at times, public safety.

Police and security often do not think about cyber security as their responsibility but that of the technology department. Although it is their responsibility, it spills over to security in several ways, from communication, cameras, and computers, to name a few. NO! It is a shared responsibility from IT to all personnel, to police and security. Respectively, each has different and shared responsibilities. Once more, depending on the scope of denial of service, it can fall over to the shared critical infrastructure network: police, security, fire, medical, government,military, and industry.

The basics include written procedures for the authority

Regular training for all employees with internal challenges

Tabletop exercises

Enhanced security protocols for the management of security

Notebooks for written reports

Impaired Incident Response

Law enforcement and security leaders must recognize that cyberattacks are not a matter of if, but when. Proactive preparation and regular incident response exercises are essential.

It is critical to establish in advance how your IT partners will respond during an incident. Most organizations lack the in-house expertise to manage a full-scale cyber response. When internal capabilities fall short, external specialists will be required to handle key tasks such as:

  • Threat detection and triage

  • Evidence preservation and forensic imaging

  • Network-based evidence collection

  • Incident communication and coordination

Engaging these services ahead of time and on an ongoing coordinated basis—ahead of any incident or crisis—is essential to ensure faster response, better outcomes, and lower costs.

Identify levels of preparedness:

  1. Awareness

  2. Information Sharing

  3. Policy and Procedures

  4. Planning

  5. Employee Training - the weakest link

Cyberattacks are inevitable. Law enforcement and security leaders must prepare accordingly.

Advance planning and regular incident response exercises are essential. Most agencies lack the internal capacity to manage a full-scale cyber incident. It’s critical to define how IT partners will respond and to establish external support before a crisis occurs.

Key response functions include:

  • Threat detection and triage

  • Evidence preservation and forensic imaging

  • Network-based evidence collection

  • Incident communication and coordination