This website, along with other cybersecurity offerings, seeks to assist APCO members in identifying and mitigating the risks from cybersecurity incidents. Our primary focus is to provide information that should assist with detecting, analyzing, and responding to incidents.
APCO Resources
APCO Perspectives
-
Why Cybersecurity Matters
When implementing new systems and networks, ECCs should always consider cybersecurity measures in the initial plans in order to ensure that sensitive data is secured.
-
Cybersecurity Is Everyone’s Responsibility
It is important that every agency or organization develop guidelines on establishing effective cybersecurity strategies to include training, awareness, and incident response programs.
-
Broadband Implications for the PSAP: Cybersecurity
Cybersecurity presents one of the most complex challenges for emergency communications centers in a broadband environment. This section of APCO’s P43 Report discusss the current and future threat, cybersecurity concepts, findings and high level recommendations.
Cybersecurity Committee
-
Ransomware 101: What Emergency Communications Leadership Needs to Know
Knowing how to protect your public safety answering point (PSAP)/emergency communications center (ECC) from a ransomware attack is vital.
-
The TFOPA Cybersecurity Strategy How to Implement at Your ECC
Most ECC boards and directors realize there is a crisis but do not know where to begin to create a strong cyber defense strategy. Luckily, there have been several efforts designed to provide guidance on managing cybersecurity in the ECC, most notably the FCC’s Task Force on Optimal PSAP Architecture (TFOPA).
-
Three High-Value, Low-Cost Strategies to Strengthen ECC Cyber Defense Strategy
From small, two-seat centers scattered throughout the country in rural areas, to large, multijurisdictional regional dispatch centers in heavily populated metropolitan areas, our nation’s ECCs are under a relentless, ever-increasing onslaught of cyber-attacks.
-
Cybersecurity Attacks: Detection and Mitigation
An accessible best practices guide to implementing effective cybersecurity policies and procedures within the ECC.
-
Top 5 Cyber-Defense Practices for 9-1-1
A list of top cyber-defense practices that ECC’s across the US have used to successfully defend against and recover from cyberattacks.
Federal Resources
US Department of Homeland Security / Cybersecurity and Infrastructure Security Agency
-
CISA Creates Webpage for Apache Log4j Vulnerability
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) recently created a website to track and respond to the active, widespread exploitation of a critical remote code execution vulnerability (CVE-2021-44228) affecting Apache Log4j software library versions 2.0-beta9 to 2.14.1.
-
Department of Homeland Security Cybersecurity Resources
The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s strategic and unified work to strengthen the security, resilience, and workforce of the cyber ecosystem to protect critical services.
-
Stop. Think. Connect
The Stop.Think.Connect. Campaign is a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online.
-
United States Computer Emergency Readiness Team (US-CERT)
US-CERT offers mailing lists and feeds for a variety of products including the National Cyber Awareness System and Current Activity updates. The National Cyber Awareness System was created to ensure that you have access to timely information about security topics and threats.
-
CISA Emergency Communications Resources
CISA ensures public safety and national security and emergency preparedness communities can seamlessly and securely communicate during steady state and emergency operations to keep America safe, secure, and resilient.
-
National Terrorism Advisory System (NTAS)
In 2011, the Department of Homeland Security (DHS) replaced the color-coded alerts of the Homeland Security Advisory System (HSAS) with the National Terrorism Advisory System (NTAS), designed to more effectively communicate information about terrorist threats by providing timely, detailed information to the American public
-
National Cybersecurity Awareness Month
National Cybersecurity Awareness Month (NCSAM), in October, raises awareness about the importance of cybersecurity across our nation, ensuring that all Americans have the resources they need to be safer and more secure online.
-
Cybersecurity & Infrastructure Security Agency Catalog
CISA leads the nation’s strategic and unified work to strengthen the security, resilience, and workforce of the cyber ecosystem to protect critical services and American way of life. The CISA Services Catalog is a single resource that provides users with access to information on services across all of CISA’s mission areas that are available to […]
National Cybersecurity and Communications Integration Center (NCCIC) Updates
-
ICS Advisory: Cisco ASA and FWSM Security Advisories
-
Annual Threat Assessment of the U.S. Intelligence Community
-
Securing IoT Devices: How Safe Is Your Wi-Fi Router?
-
Indicators of Compromise for Malware Use by APT 28
-
Joint Report on Publicly Available Hacking Tools
-
Strategy for Protecting and Preparing the Homeland Against Threats of EMP and GMD
Federal Communications Commission (FCC)
-
Task Force on Optimal Public Safety Answering Point Architecture (TFOPA)
-
FCC Proposes to Protect National Security Through FCC Programs
-
APCO Comments: Implementation of CSRIC III Cybersecurity Best Practices
-
FCC’s Public Safety and Homeland Security Bureau Requests Comment on Implementation of CSRIC III Cybersecurity Best Practices
Communications Security, Reliability, and Interoperability Council (CSRIC)
-
Communications Security, Reliability and Interoperability Council (CSRIC)
The Communications Security, Reliability and Interoperability Council’s (CSRIC) mission is to provide recommendations to the FCC to ensure, among other things, optimal security and reliability of communications systems, including telecommunications, media, and public safety.
-
CSRIC WG7: Cybersecurity Workforce Development Best Practices Recommendations
The mission of the Communications Security, Reliability and Interoperability Council (CSRIC) is to provide recommendations to the Federal Communications Commission (FCC) to ensure, among other things, optimal security and reliability of communications systems. Working Group 7 of the CSRIC V is specifically chartered to provide recommendations for the CSRIC’s consideration regarding any actions the FCC […]
-
CSRIC WG6: Best Practices Recommendations for Hardware and Software Critical to the Security of the Core Communications Network
This CSRIC V Working Group 6: Secure Hardware and Software – Security-by-Design (Working Group 6) was formed and tasked with developing voluntary recommendations and best practices to enhance the security of hardware and software in the core public communications network. In a separate report in September of 2016, the Working Group provided voluntary mechanisms to […]
-
CSRIC WG6: Secure Hardware and Software: Security-by-design
CSRIC V WG6 was tasked with developing voluntary recommendations and best practices to enhance the security of hardware and software used in communications critical infrastructure. The working group was also tasked with a second deliverable, to develop a voluntary attestation framework that could be used by companies to demonstrate the success of the recommendations/best practices.
-
CSRIC WG5: Cybersecurity Information Sharing: Information Sharing Barriers
CSRIC V Working Group 5 (WG5) is currently tasked with identifying and assessing perceived technical, legal, financial, consumer/market, operational, and/or organization impediments to cyber threat information sharing and/or the implementation of the prospective use cases
-
CSRIC WG5: Cybersecurity Information Sharing
Working Group 5 (WG 5), Cybersecurity Information Sharing, was tasked with developing recommendations to the Federal Communications Commission (FCC or the Commission) to encourage sharing of cybersecurity information between companies in the communications sector. This report represents the culmination of multiple work streams highlighting the robust level of information sharing that is already underway within […]
Department of Justice (DOJ) / Federal Bureau of Investigation (FBI)
-
FBI: Cyber Crime
The FBI is the lead federal agency for investigating cyber attacks and intrusions. Learn more about what you can do to protect yourself from cyber criminals, how you can report cyber crime, and the Bureau’s efforts in combating the evolving cyber threat.
-
Common Scams & Crimes: Internet Fraud
Frequent instances of Internet fraud include business fraud, credit card fraud, internet auction fraud, investment schemes, Nigerian letter fraud, and non-delivery of merchandise.
-
Scams & Safety on the Internet
Learn tips for protecting your computer, the risk of peer-to-peer systems, the latest e-scams and warnings, Internet fraud schemes, and more.
-
FBI Internet Crime Complaint Center IC3
The mission of the Internet Crime Complaint Center is to provide the public with a reliable and convenient reporting mechanism to submit information to the Federal Bureau of Investigation concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners. Information is analyzed and disseminated for investigative and intelligence purposes […]
-
2020 Internet Crime Report
The 2020 Internet Crime Report includes information from 791,790 complaints of suspected internet crime—an increase of more than 300,000 complaints from 2019—and reported losses exceeding $4.2 billion. The report includes COVID-19 scam and state-specific statistics.
National Institute of Standards and Technology (NIST)
Laws Related to Cybersecurity
Other Resources