Today’s police agency has many digital systems to support its operations, and cybersecurity attacks can cripple these operational systems, taking away vital tools from officers. One example is the dispatch system at the center of a department’s operations. If a cybersecurity attack took it down, how would a department respond? Does it have a plan in place to get the system back online? Could it pivot to dispatchers using pen and paper? What if the attack then took down their records management and digital evidence systems as well? What would they do? If the agency hasn’t discussed cybersecurity threats, appropriate protections, and continuity of operations in the event of a cybersecurity incident, now’s the time.

Cybersecurity threats to public safety agencies are diverse and constantly evolving, and pose significant risks to the confidentiality, integrity, and availability of sensitive information. These threats come in different ways—externally, internally, or through system vulnerabilities such as supply chain weaknesses. One of the most dangerous external threats comes in the form of social engineering attacks, where adversaries manipulate individuals into divulging confidential information or granting unauthorized access. By impersonating trusted vendors or public officials, cybercriminals can gain access to sensitive data or block system access. Phishing emails are a common tactic, tricking employees into clicking malicious links or sharing credentials by posing as a fellow employee or other trusted person. More advanced methods for targeting government personnel include “spear phishing” (targeted emails or messages that leverage personal or professional information about the recipient to increase their trust in the sender) and “pretexting” (emails or messages that include fabricated identities and stories with plausible scenarios).

In order to access the rest of the article sign in with your IACP or Subscriber credentials.