Cybersecurity

Building security into FirstNet: Doing it right the first time

The goal of FirstNet is to make it easy for first responders and other emergency personnel to access and exchange mission-critical information from state and federal agencies, geospatial information, real-time video from crime scenes and sensor data from disaster sites as well as simply talk to one another across multi-jurisdictional lines. While there’s no doubt FirstNet will be a boon to public safety, we shouldn’t lose sight of the “security” part of the equation in our haste to guarantee optimal communications.

By Patrick Flynn

August 5, 2014

Patrick Flynn is the director of homeland/national security programs for McAfee, a part of Intel Security

With the passage of the Middle Class Tax Relief and Job Creation Act of 2012, the First Responder Network Authority (FirstNet) was introduced, advancing an objective states had been working toward for years. A culmination of recommendations from the states, public safety communities and the 9/11 Commission, FirstNet will create a state-of-the-art nationwide, interoperable wireless broadband network.

If we’re going to build a network for public safety, we have to make sure network and device security is a primary consideration during the design phase. Not only will building security in at the beginning make the security better and more robust, but it also will drive down cost. A little bit of investment on the front end can potentially save millions of dollars on the back end. And what’s more, law enforcement and other first responders can have actionable information at their fingertips quickly, efficiently and securely.

In many IT projects, security is viewed as a value-neutral or even an inhibitor of the project’s aim – rarely as an enabler of the project’s success. How many times when planning new IT initiatives do we list all the features and functions the new network or system will provide and then, when everyone is out of energy, add, “Oh, and of course we have to have privacy and security?” That kind of mindset, where security (and privacy) are really afterthoughts, doesn’t encourage anyone to think of security as an enabling design requirement.

Yet what if we turned that notion around and viewed security as an enabler of what we’re trying to accomplish? What if we thought of security as helping to provide the cool new features — rather than as a necessary drag on everyone’s time? We might be surprised at the results.

With a secure-from-the-start FirstNet, users will be able to, among many other things:

Have secure, integrated access to traditional law enforcement databases.
Upload real time video of crime scenes or disaster relief efforts.
Engage in secure, interoperable information sharing.
Share secure sensor data with approved users.

And with new technology, like next generation firewalls (NGFW), security will not impede network efficiency. In fact, a robust NGFW from a provider of integrated security solutions can act as a network enabler, helping to manage secure network traffic. Law enforcement and other emergency personnel would be able to get the information they need quickly, efficiently and, most importantly, securely. Other innovations, such as embedding security at the chip level, are equally promising in terms of ease of use and the ability to stop the kind of attacks that aim below the operating system. This kind of deep-level security can quickly identify and remediate threats while allowing the access and availability first responders need.

FirstNet holds tremendous promise, and we’ve come pretty far in the last two years. Let’s make sure we do this right, especially with so much at stake. Let’s build security in at the start so it can become an enabler of all the rest of the network’s great possibilities.