How Sedara helped secure a local government 911 Center

At-A-Glance

Sedara worked with a local government to identify and remediate gaps in its cybersecurity posture.

  • Industry:
    Local Government
  • Challenge:
    Reduce 911 Center risks
  • Solution:
    GAP Assessment
Results
  • Reduce overall risk to 911
  • Identified and documented 911 center assets by location
  • Identified and documented 911 center service contracts and the status of those third-party services
  • Have a prioritized list of actions to remediate risks
  • Understand ownership and accountability of identified risks, including third-party vendors
Case Study

Background

A medium-sized local government was in the midst of a push to improve cybersecurity. They had made various infrastructure and cybersecurity investments over the months prior. Their focus shifted to a critical department that they felt needed some attention - the 911 center. Their 911 center’s IT systems and processes were managed by the government's central IT team rather than having completely dedicated technical personnel. They also rely heavily on key vendors for the 911 center and wanted to ensure those vendors were performing as expected.

Case Study

Challenge

Given the high-level of risk that is inherent to 911 centers it is imperative to have clearly defined policies, procedures and responsibilities. A GAP assessment needed to be performed in areas including IT systems, process, policy and procedures, and identifying ownership. This includes major vendors that are critical to the functionality of the 911 center. The local government was looking to obtain better insight into the assets, services and applications within the environment. Not having a clear picture of all assets, the scope of service contracts, and responsibility for assets and services made it extremely difficult to even know where to start. They approached Sedara as a trusted cybersecurity advisor to help accomplish this goal.

Case Study

Solution

The GAP assessment created a Plan of Action with Milestones to deliver a roadmap for the local government to reduce overall risk, and identify roles and responsibilities. This removed assumptions and clearly defined all components that support the 911 systems.

Sedara selected the National Institute of Standards and Technology Cybersecurity Framework to carry out the solution in three phases.

The NIST Framework

NIST CSF 1.1 focuses on using business drivers to guide cybersecurity activities and cybersecurity risk considerations as part of the organization’s risk management processes. The framework enables organizations to apply the principles and best practices of risk management to improving security and resilience. By assembling standards, guidelines, and practices that are currently working, the Framework creates a common organizing structure for multiple approaches to cybersecurity.

The assessment was carried out in three phases shown below.

Phase 1

Discover and Document

Identify people, processes, and technology involved with relevant assets, business environment, governance, strategy including vendors. These are all outlined in the Identify Function of NIST CSF 1.1.

  • Questionnaire: To collect relevant information, Sedara developed a questionnaire concerning the management and operational controls. Questionnaires were also used during interviews.
  • Interviews: Interviews with IT support and management personnel enabled Sedara to collect useful information about how systems are managed, and who is in charge of managing them.
Phase 2

Audit and Review Data

This phase begins to detect what is important and what is not. Interpret and validate data to assign meaning and context, and arrive at a relevant conclusion. This is our final sweep for any missing data, and to produce supporting artifacts.

  • Quantify GAPs in people, process and technology.
  • Document Review. Sedara reviews policy documentation, directives, system documentation, IT documentation that currently exists within the organization.
Phase 3

Summarize and Deliver Results

Upon completing the assessment, we provided a detailed Plan of Action and Milestones (POAM) document to provide actionable next-steps. This is a document that identifies tasks needing to be accomplished. It details resources required to accomplish the elements of the plan, any milestones for meeting the tasks, and recommended completion dates for the milestones.

  • Prioritized roadmap to close gaps
  • Long-term strategy to maintain closed gaps

Graphical screenshot of the three phases.

Click to enlarge images.

High-level Summary of the Main Points in the POAM
FindingRecommendation
No Disaster [redacted] plan, and an untested failover with limited capacity that may not sufficeCreate and document a disaster [redacted] plan
C[redacted] System is antiquated, insecure, and has poor vendor supportProcure and implement a new C[redacted] system with proper documentation surrounding support
Identified gaps in third-party vendor SLA coverage for processes and procedures that everyone thought were coveredIdentify ownership of all assets, applications, processes and procedures whether the owner is internal or a third-party vendor
Identified multiple critical single points of failureAddress all critical single points of failure that could lead to downtime

 

 

911 Gap POAM (Table Scrolls Sideways)
Asset LocationAsset TypeOperational TaskResponsibilityVirtual (Y/N)Contract Document NameContract Termination DateType of SupportIdentify GapHardware AgeMake/ModelHostnameIP AddressAnti-VirusAnti-Virus VersionOperating System VersionPatch LevelPatch MethodApplications (Not Default)
E-911 CenterFax MachineCommunication with other [Redacted][Redacted]NOUnknownUnknown[Redacted] does HardwareAsset Management (ID.AM) and Risk Management Strategy
(ID.RM)		UnknownCannonUnknown[Redacted]UnknownUnknownUnknownUnknownUnknownUnknown
E-911 CenterPhysical Radio Equipment911 Radio System[Redacted]/[Redacted]NODownloadPDFServlet (NEW) and Res. 18-32 [Redacted] Renewal 2018 (OLD)2024-12-31 00:00:00[Redacted] is responsible for Hardware, Software, Anti-Virus, Operating System Installation, and Operating System PatchesAsset Management (ID.AM) and Risk Management Strategy
(ID.RM)		UnknownUnknownUnknownUnknownUnknownUnknownUnknownUnknownUnknownUnknown
E-911 CenterPhysical Server911 Phone System[Redacted]NORes. 20-446 [Redacted] [Redacted] Support 911 Phone System [Redacted] 20-212021-11-30 00:00:00[Redacted] is responsible for Hardware, Software, Anti-Virus, Operating System Installation, and Operating System PatchesAsset Management (ID.AM) - Physical/Virtual devices and Software platforms not fully inventoriedUnknownUnknownUnknownUnknownUnknownUnknownUnknownUnknownUnknownUnknown
E-911 CenterLaptop Computer[Redacted] Communications[Redacted] ITNOUnknownUnknownIT Responsible for Hardware, Software, Anti-Virus, Operating System Installation, and Operating System PatchesAsset Management (ID.AM) and Risk Management Strategy
(ID.RM)		UnknownDell Latitude 5410[Redacted]DHCPCrowdStrike6.25Windows 10 ProfessionalUnknown3rd Party Apps Desktop Central and Group Policy Windows UpdatesUnknown
E-911 CenterLaptop Computer[Redacted] Communications[Redacted] ITNOUnknownUnknownIT Responsible for Hardware, Software, Anti-Virus, Operating System Installation, and Operating System PatchesAsset Management (ID.AM) and Risk Management Strategy
(ID.RM)		UnknownDell Latitude 5410[Redacted]DHCPCrowdStrike6.25Windows 10 ProfessionalUnknown3rd Party Apps Desktop Central and Group Policy Windows UpdatesUnknown
E-911 CenterDesktop Computer[Redacted] Communications[Redacted] ITNOUnknownUnknownIT Responsible for Hardware, Software, Anti-Virus, Operating System Installation, and Operating System PatchesAsset Management (ID.AM) and Risk Management Strategy
(ID.RM)		6 monthsUnknown[Redacted]DHCPCrowdStrike6.25Windows 10 ProfessionalUnknown3rd Party Apps Desktop Central and Group Policy Windows UpdatesSchedule Anywhere Software
E-911 CenterDesktop Computer911 Radio System [Redacted]/[Redacted]NODownloadPDFServlet (NEW) and Res. 18-32 [Redacted] Renewal 2018 (OLD)2024-12-31 00:00:00[Redacted] is responsible for Hardware, Software, Anti-Virus, Operating System Installations, and Operating System PatchesAsset Management (ID.AM) - Physical/Virtual devices and Software platforms not fully inventoriedUnknownUnknown[Redacted][Redacted]Windows DefenderUnknownWindows 10UnknownUnknownUnknown
E-911 CenterDesktop ComputerComputer Aided Dispatch System[Redacted] IT and [Redacted]NO[Redacted] - [Redacted] Master AgreementUnknownIT Responsible for Hardware, Anti-Virus, Operating System Installation, and Operating System Patches - [Redacted]/[Redacted] is responsible for the Computer Aided Dispatch Software Updates (Virtually Done)Risk Management Strategy
(ID.RM) and Supply Chain Risk Management (ID.SC)		18 monthsHP Z240 Tower Workstation[Redacted][Redacted]CrowdStrike6.25Windows 10 ProfessionalUnknown3rd Party Apps Desktop Central and Group Policy Windows Updates[Redacted] CAD Sfotware Version - 2.1.2.64
E-911 CenterDesktop ComputerComputer Aided Dispatch System[Redacted] IT and [Redacted]NO[Redacted] - [Redacted] Master AgreementUnknownIT Responsible for Hardware, Anti-Virus, Operating System Installation, and Operating System Patches - [Redacted]/[Redacted] is responsible for the Computer Aided Dispatch Software Updates (Virtually Done)Risk Management Strategy
(ID.RM) and Supply Chain Risk Management (ID.SC)		18 monthsHP Z240 Tower Workstation[Redacted][Redacted]CrowdStrike6.25Windows 10 ProfessionalUnknown3rd Party Apps Desktop Central and Group Policy Windows Updates[Redacted] CAD Sfotware Version - 2.1.2.64
E-911 CenterDesktop ComputerComputer Aided Dispatch System[Redacted] IT and [Redacted]NO[Redacted] - [Redacted] Master AgreementUnknownIT Responsible for Hardware, Anti-Virus, Operating System Installation, and Operating System Patches - [Redacted]/[Redacted] is responsible for the Computer Aided Dispatch Software Updates (Virtually Done)Risk Management Strategy
(ID.RM) and Supply Chain Risk Management (ID.SC)		18 monthsHP Z240 Tower Workstation[Redacted][Redacted]CrowdStrike6.25Windows 10 ProfessionalUnknown3rd Party Apps Desktop Central and Group Policy Windows Updates[Redacted] CAD Sfotware Version - 2.1.2.64
E-911 CenterDesktop ComputerComputer Aided Dispatch System[Redacted] IT and [Redacted]NO[Redacted] - [Redacted] Master AgreementUnknownIT Responsible for Hardware, Anti-Virus, Operating System Installation, and Operating System Patches - [Redacted]/[Redacted] is responsible for the Computer Aided Dispatch Software Updates (Virtually Done)Risk Management Strategy
(ID.RM) and Supply Chain Risk Management (ID.SC)		18 monthsHP Z240 Tower Workstation[Redacted][Redacted]CrowdStrike6.25Windows 10 ProfessionalUnknown3rd Party Apps Desktop Central and Group Policy Windows Updates[Redacted] CAD Sfotware Version - 2.1.2.64
E-911 CenterDesktop ComputerComputer Aided Dispatch System[Redacted] IT and [Redacted]NO[Redacted] - [Redacted] Master AgreementUnknownIT Responsible for Hardware, Anti-Virus, Operating System Installation, and Operating System Patches - [Redacted]/[Redacted] is responsible for the Computer Aided Dispatch Software Updates (Virtually Done)Risk Management Strategy
(ID.RM) and Supply Chain Risk Management (ID.SC)		18 monthsHP Z240 Tower Workstation[Redacted][Redacted]CrowdStrike6.25Windows 10 ProfessionalUnknown3rd Party Apps Desktop Central and Group Policy Windows Updates[Redacted] CAD Sfotware Version - 2.1.2.64
E-911 CenterDesktop Computer[Redacted] Communications[Redacted] ITNOUnknownUnknownIT Responsible for Hardware, Software, Anti-Virus, Operating System Installation, and Operating System PatchesRisk Management Strategy (ID.RM): Established organization’s priorities, constraints, risk tolerances, and assumptions 6 monthsProDesk 400 G6 SSF[Redacted]DHCPCrowdStrike6.25Windows 10 ProfessionalUnknown3rd Party Apps Desktop Central and Group Policy Windows UpdatesUnknown

 

About

Sedara

Sedara Security was founded in 2013 to streamline practical and effective cybersecurity for organizations of all sizes. We are headquartered in Buffalo, NY and live and breathe cybersecurity. Our communities are adopting technology faster than they can keep everything secure and this fundamental problem currently does not have an easy solution. This uphill battle drives us to bring honed cybersecurity expertise, strategies, and manpower to as many organizations as possible.

See details on our government contract information here.

References

Sedara uses NIST CSF 1.1 crosswalked to the following industry standards and best practices.

  • National Crime Information Center (NCIC)
  • National Emergency Number Association (NENA)
  • Association of Public Safety Communications Officials (APCO)
  • The National Fire Protection Association (NFPA)
  • Commission on Accreditation for Law Enforcement Agencies (CALEA)
  • The Federal Communications Commission (FCC)
  • Task Force on Optimal Public Safety Answering Point Architecture (TFOPA)
  • State 9-1-1 Standards
  • State Division of Homeland Security and Emergency Services
  • Federal Emergency Management Association (FEMA)
NCPA

Sedara Purchasing Contract Information

Sedara utilizes NCPA (National Cooperative Purchasing Alliance) 01-97 Advanced Technology Solutions Aggregator contract.
NCPA (National Cooperative Purchasing Alliance) is a leading national government purchasing cooperative working to reduce the cost of goods and services by leveraging the purchasing power of public agencies in all 50 states.

Lot ParticipationOGS Contract NumberContractor InformationFED ID#NYS Vendor ID#Contractor Specifics
LOT 3PM68199Sedara, LLC
77 Goodell St. Suite 420
Buffalo, NY 14203		4641232501100171657Contact Information
Price List
Terms & Conditions
CONTRACT PERIOD: July 23, 2018 to November 29, 2022

NYS OGS Group 73600

INFORMATION TECHNOLOGY UMBRELLA CONTRACT MANUFACTURER BASED (Statewide)

Accomplish your security & compliance goals.
Easier.

Get a Demo