Volume 23 — Issue 31 | August 3, 2023
In May, NENA: The 9-1-1 Association and its survey partner, Carbyne, surveyed a random sample of Emergency Communications Center (ECC) personnel across North America. The survey has one of the largest-ever sample sizes of its kind, receiving 841 responses from communities and ECCs of all sizes.
NENA and Carbyne have now published the results of this first-of-its-kind survey in a report, Pulse of 9-1-1 State of the Industry Survey. The respondents included dispatchers and telecommunicators, managers and shift supervisors, Assistant Directors and Directors, as well as Deputy and Sheriff titles. Respondents answered a wide range of questions related to their call centers, their role, and their personal responses to the challenges of their mission. They were also asked about the changing influence of technology on their workplace and associated challenges.
The report reveals that the 9-1-1 industry is comprised of a seasoned, overstressed workforce grappling with surging call volumes, complex compounded emergencies, outdated technologies, and insufficient support.
Key findings from the Pulse of 9-1-1 Survey include:
- A staggering 82% of centers reported being understaffed and struggling with hiring and retention, with respondents citing stress and low pay as the top obstacles to attracting and keeping staff.
- 83% of participants say their centers experience high call volumes on multiple days each week. Fewer than half can gain accurate location information from mobile callers, and fewer than 20% are able to accept video calls.
- 74% of respondents revealed that their 9-1-1 centers are plagued by staff burnout, with many others exhibiting mental health warning signs such as anxiety, fatigue, and low energy levels.
These survey results are especially concerning for local governments, who are already facing recruitment, retention, and staffing challenges within their fire, emergency medical services (EMS), and law enforcement agencies.
Access the report on NENA’s website and Carbyne’s website. You may also want to check out NBC News’ short video, providing national news coverage of this report and its implications.
(Sources: NENA: The 9-1-1 Association, Carbyne, FirefighterCloseCalls.com, NBC News)
The Federal Emergency Management Agency’s (FEMA) Building Science Disaster Support Program recently published a Mitigation Assessment Team report, Marshall Fire: Building Performance, Observations, Recommendations, and Technical Guidance (PDF, 23 MB).
While FEMA’s Mitigation Assessment Teams (MATs) have investigated and reported on many natural disasters for more than 30 years, this is the first MAT investigation of a wildfire disaster.
This report can be used by planners, fire departments and community leaders to help create better wildfire planning documents. It can also be used to develop and implement more effective wildfire mitigation projects, including structure and landscape improvements.
The Marshall Fire swept through the City of Louisville, the Town of Superior, and unincorporated Boulder County, Colorado on Dec. 30, 2021. It was the most destructive fire in Colorado’s history. This wildfire disaster presented valuable opportunities for MAT investigators for a few reasons.
The Marshall Fire is believed to have started from multiple ignition points leading to a grass fire in a neighborhood, yet it became a highly destructive wildland-urban interface (WUI) fire. Extreme winds, long-term drought, and unseasonably high temperatures interacted to influence the behavior of the fire. FEMA believed it was important to study this fire because the nature of the origin, weather conditions, and impacts on the built environment in the wildland-urban interface represent risks that need to be better understood by planners, developers, government officials, and the public.
The aftermath of the Marshall Fire provided ample opportunities to evaluate building performance during the fire. The fire damaged more than 1,000 homes and more than 30 commercial structures. Limitations in existing wildfire safety and planning regulations contributed to the extent of the damage.
The MAT team used the information gathered in its investigation to evaluate how wildland-urban interface (WUI) design, construction, and defensible space practices can be improved to increase community wildfire resilience. Team members also evaluated components and systems of primarily residential structures to determine the effectiveness of various building materials, design, and construction practices for wildfire resiliency.
The recommendations in the report are supported by several appendices providing in-depth technical guidance for specific audiences at the community, neighborhood/subdivision, and individual parcel/building levels. These appendices are included in the report, but were also published as stand-alone guides:
The report and all individually published appendices are available within FEMA’s Building Science Resource Library.
(Source: FEMA)
Recruitment and retention are vital elements for the success of any volunteer fire or emergency medical services (EMS) department. Volunteer departments play a critical role in safeguarding communities, but without enough dedicated volunteers, these departments struggle to fulfill their mission.
Recognizing this challenge, the U.S. Fire Administration (USFA) has taken a proactive step by releasing a comprehensive manual titled Retention and Recruitment for the Volunteer Emergency Services. This manual will equip volunteer departments with the necessary tools, strategies and insights to overcome recruitment obstacles and retain their valuable volunteers.
The manual discusses critical recruitment and retention challenges and the factors that contribute to these challenges. It offers case studies and insights on fostering and maintaining effective relationships between volunteer fire and emergency services and local governments. The manual offers recruitment and retention strategies, with individual sections on marketing, using data to drive recruitment and retention efforts, and funding.
Through the implementation of the strategies and practices outlined in this manual, volunteer departments can strengthen their ranks, enhance their operations and ultimately fulfill their vital mission of safeguarding the well-being of their communities.
Download the full report on USFA’s website.
(Source: USFA)
Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace.
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally. The ongoing message of Cybersecurity Awareness Month is to remind all Americans that cybersecurity and keeping the Internet safe for everyone is a shared responsibility.
October 2023 marks the 20th Cybersecurity Awareness Month. This year will focus on four key behaviors everyone can take to reduce cyber risk:
- Turning on multi-factor authentication (MFA).
- Using strong passwords and a password manager.
- Updating software regularly.
- Recognizing and reporting phishing.
CISA needs your help to amplify messaging throughout the month and year-round. Join CISA and the National Cybersecurity Alliance for a webinar on Wednesday, Aug. 9 from 2-3 p.m. EDT to learn how you and your organization can get involved. To register, click here.
For more information, and to partner with CISA for Cybersecurity Awareness Month, contact us at AwarenessCampaigns@cisa.dhs.gov.
(Source: CISA)
Cybersecurity Performance Goals: Sector-Specific Goals
CISA released its updated Cross-Sector Cybersecurity Performance Goals (CPGs) in March 2023. Originally released last October, the CPGs are voluntary practices that businesses and critical infrastructure owners can take to protect themselves against cyber threats. The CPGs strive to address this need by providing an approachable common set of information technology (IT) and operational technology (OT) cybersecurity protections that are clearly defined, straightforward to implement, and aimed at addressing some of the most common and impactful cyber risks.
CISA is now working with Sector Risk Management Agencies (SRMAs) to directly engage with each critical infrastructure sector to develop Sector-Specific Goals (SSGs). In most instances, these goals will likely consist of either new, unique additional goals with direct applicability to a given sector, or materials to assist sector constituents with effective implementation of the existing cross-sector CPGs.
While Sector Coordinating Councils (SCCs) will be one conduit for part of this outreach, CISA is committed to working closely with SRMAs to ensure that development of all sector-specific materials is done in an open and collaborative fashion that includes participation from stakeholders of varying size and perspective.
More information on the sector-specific goals will be provided as efforts progress.
(Source: CISA)
Web browsing is the primary entry vector for ransomware infections
The most widely used method for ransomware delivery in 2022 was via URL or web browsing (75.5%), Palo Alto Networks researchers have found. Third-party apps were the primary entry vector for ransomware infections in 8.2% of cases recorded by the company in 2022.
In 2021, the most widely used method was email attachments (i.e., delivery via SMTP, POP3, and IMAP protocols), but in 2022 that particular delivery channel was used in only 12% of attempts.
The attackers have been spotted rotating different URLs/hostnames to host the same ransomware or using the same URL to deliver different ransomware. Some attackers do both of these things. Ransomware gangs are also fond of using popular public hosting, social media and media-sharing services, as well as long-lived benign domains they’ve managed to compromise, for ransomware delivery. “These URLs are likely to fall through the cracks of many existing URL blocking services due to the good reputation involved with these services,” the researchers explained.
(Source: Help Net Security)
CISA and partners release joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), CISA, and the National Security Agency (NSA) are releasing a joint Cybersecurity Advisory (CSA), Preventing Web Application Access Control Abuse, to warn vendors, designers, developers, and end-user organizations of web applications about insecure direct object reference (IDOR) vulnerabilities. These vulnerabilities are frequently exploited by malicious actors in data breach incidents and have resulted in the compromise of personal, financial, and health information of millions of users and consumers.
ACSC, CISA, and NSA strongly encourage vendors, designers, developers, and end-user organizations to review the CSA for best practices, recommendations, and mitigations to reduce the prevalence of IDOR vulnerabilities and ensure web applications are secure-by-design and -default.
(Source: CISA)
Threat actors abuse Google AMP for evasive phishing attacks
Security researchers are warning of increased phishing activity that abuses Google Accelerated Mobile Pages (AMP) to bypass email security measures and get to inboxes of enterprise employees.
Google AMP is an open-source HTML framework co-developed by Google and 30 partners to make web content load faster on mobile devices. AMP pages are hosted on Google’s servers, where content is simplified and some of the heavier media elements are pre-loaded for faster delivery. The idea behind using Google AMP URLs embedded in phishing emails is to make sure that email protection technology does not flag messages as malicious or suspicious due to Google’s good reputation. The AMP URLs trigger a redirection to a malicious phishing site, and this additional step also adds an analysis-disrupting layer.
(Source: Bleeping Computer)
NSA releases guide to harden Cisco next generation firewalls
The NSA has released a new Cybersecurity Technical Report (CTR), Cisco Firepower Hardening Guide, to assist network and system administrators with configuring these next generation firewalls.
The CTR, “Cisco Firepower Hardening Guide,” outlines how to properly configure next generation firewalls and provides best practices for configuring and hardening Cisco Firepower Threat Defense (FTD), now known as Cisco Secure Firewall, systems beyond default security features and traditional firewall capabilities.
According to the CTR, Cisco Firepower Threat Defense (FTD) systems, now known as Cisco Secure Firewalls, are next generation firewalls that combine application and network layer security features. In addition to traditional features, these next generation firewalls provide application visibility and controls (AVC), URL filtering, user identity and authentication, malware protection, and intrusion prevention.
It is important to properly configure and leverage all the defenses that a network has available. NSA recommends organizations implement the recommendations listed in this CTR to harden network defenses against increasingly sophisticated and persistent threats.
(Source: NSA)
New SEC rules require U.S. companies to reveal cyberattacks within 4 days
The U.S. Securities and Exchange Commission (SEC) on Wednesday approved new rules that require publicly traded companies to publicize details of a cyberattack within four days of identifying that it has a "material" impact on their finances, marking a major shift in how computer breaches are disclosed.
"Whether a company loses a factory in a fire — or millions of files in a cybersecurity incident — it may be material to investors," the SEC chair said. "Currently, many public companies provide cybersecurity disclosure to investors. I think companies and investors alike, however, would benefit if this disclosure were made in a more consistent, comparable, and decision-useful way."
The policy, first proposed in March 2022, is seen as an effort to bring more transparency into the threats faced by U.S. companies from cybercrime and nation-state actors, close the gaps in cybersecurity defense and disclosure practices, and harden the systems against data theft and intrusions.
(Source: The Hacker News)
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures.
Fair Use Notice: This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Linking Policy and Disclaimer of Endorsement: The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.
Section 504 Notice: Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.