Pinnacle: Is Your Organization Ready for a Cybersecurity Attack?

Pinnacle: Is Your Organization Ready for a Cybersecurity Attack?

Article Aug 11, 2017

During his presentation “Digital Disruptions—Are You Next? Cybersecurity for EMS and 911” on Aug. 10 in Boca Raton, Fla., Frank Gresh, MS, said, “Information is an asset which needs to be protected.” Information security is a necessity to any organization’s stability. It entails more than just IT security—it’s a system that maintains the confidentiality of employees and patients and the integrity of the organization.

Establishing high-security protocols is vital to protecting the information collected by critical infrastructures within society, including 9-1-1 systems, dispatch centers, radios, warning systems, power grids, water supplies and transportation systems. Breaches of these infrastructures could be severely detrimental to a community.

Security breaches in EMS and governmental agencies would expose critical information such as plans, budgets, trade secrets, financial data, and patients’ private health records, violating HIPAA. It’s important to recognize that protecting this information is not just the responsibility of the IT department or the top officials of an organization. It’s everyone’s responsibility, said Gresh. Everyone must be actively aware of their online activity, like determining the safety of where they enter their personal or organization’s information, and being mindful of potential scams they come across.

Attack vectors that hackers will utilize to breach a security system include email, web browsers and downloads, intrusions in exploited firewalls and compromised machines, and poorly engineered systems. Gresh emphasized the importance of installing high-quality virus scanners on all computers, particularly for email accounts for important persons of contact who receive many emails from unknown senders so they can filter out scammers.

Gresh encourages agencies to stratify technological defenses and prioritize which data is most vital to be protected against breaches. EMS agencies have several major items to protect: private health information, payment transactions and credit card information, employee personal information, and the agency’s website and social media accounts.

Leaders can also implement simple protection measures in addition to heavier duty measures, like sending monthly or quarterly emails to employees reminding them not to open emails, attachments, or links from unknown senders.

While great security measures can be put in place, there is always the chance that a system can be breached. With this in mind, agencies must also have a plan of action in the event that this occurs. Civilians are still counting on your services regardless of any security breaches you may be facing. “On our worst day, we still need to be at our best,” said Gresh. “People will still be calling 9-1-1. There are no excuses in EMS.”

Gresh also provided a list of security frameworks that agencies can implement, including NIST, COBIT, ISO 27001, and ITIL. He encouraged taking advantage of the availability of cybersecurity experts as well for guidance in security measures.

Remember that it is everyone’s responsibility to maintain a strong cybersecurity network in order to maintain the integrity and availability of your agency. Keep in mind that cyber threats come in various forms and have a plan in place to manage those risks and potential breaches. And most importantly, “Don’t be afraid to ask for help,” Gresh said.

Emergency Reporting’s integration with StreetWise links the data used or produced in the apparatus during a response with data stored in a department’s records, significantly improving accuracy, situational awareness, safety and efficiency during emergency response.
Pulsara knows that time is brain and radios can be unreliable, which is why their communications app for EMS to relay clear, accurate patient information to the ED has been improving patient care.

More than 300 state and local agencies have added drones to their arsenals, including a Texas police department that used a drone to spot an escaped convict. The drones can be used to locate active shooters inside buildings, people trapped in burning buildings, and lost hikers.

Redivus Health was selected as a finalist for its innovative, industry leading product, which improves patient care by providing physicians, nurses and paramedics with actionable, clinical guidance during a critical care event.
Frank Gresh, MS, discussed the risks that agencies face in cybersecurity breaches and how they can protect themselves from these threats.
Canada’s premier event for paramedic personnel draws attendees from coast to coast.
Thousands of public safety communications officials will attend this international event next week in Denver, Colorado.
AngelTrax, a leading provider of mobile video surveillance solutions, recently relocated all operations into a fully renovated 40,000 square foot facility which serves as the new headquarters for the company's expanded corporate offices and manufacturing, inventory and distribution centers.
A "heat map" of prior calls helps Life EMS Ambulance in Grand Rapids predict calls and make live decisions on routing.
The rescue drone is remotely controlled by first responders to speed through water to victims and features handles to hold onto while being pulled to shore, a lifejacket, helmet and two-way radio so rescuers can communicate with patients.
Demonstrations of their employee scheduling and workforce management system will be held at the annual EMS event, Pinnacle, taking place in Boca Raton, Florida, August 8th–11th.
The EARTH Symposium rolls out the next generation of medical resuscitative devices.
FirstNet and AT&T will deliver a wireless broadband network to public safety agencies for improved communications and safer communities.
NASA scientists and scuba divers have also approached Jeff Dykes for his innovative compass, which would be placed inside firefighters' helmets to help guide them through low visibility structure fires.
The associations hope to reinforce the use of mobile phones and apps to connect nearby CPR-trained citizens and off-duty professional responders.