6 Key Takeaways: Strengthening Public Safety Through Collective Defense

Public safety agencies rely on technology that cannot fail, making public safety cybersecurity a critical priority. From 911 and Computer-Aided Design (CAD) to Records Management System (RMS) platforms, these systems support 24x7x365 operations where even brief disruptions can have immediate consequences.

In a webinar hosted by the Center for Internet Security^® (CIS^®), we explored how cyber threats are increasingly targeting these environments and what U.S. State, Local, Tribal, and Territorial (SLTT) agencies can do to stay resilient. Here are the key takeaways.

Takeaway #1: Cyber Risk Is Operational Risk

Threat actors targeting public safety are not just focused on stealing data. They are aiming to disrupt operations in a way communities feel it.

Ransomware, phishing, and data exposure campaigns can force agencies into manual processes, limit visibility, and delay response, a reminder of how much is on the line when these systems are disrupted. In recent incidents, organizations have had to revert to radios and paper-based workflows or operate with reduced dispatch capabilities.

Takeaway #2: Defending Alone Creates Risk

A consistent theme from the discussion is that many U.S. SLTT agencies are managing growing cyber risk with limited staff and resources.

Security teams are often overwhelmed with alerts but lack the context needed to prioritize them. At the same time, threat actors are sharing tools, tactics, and intelligence across networks.

Without that same level of shared visibility, defenders are left operating in silos, increasing risk of blind spots across the broader public safety cybersecurity landscape.

Takeaway #3: Collective Defense Is a Force Multiplier

Collective defense changes that dynamic.

Through the Multi-State Information Sharing and Analysis Center^® (MS-ISAC^®), agencies can access shared threat intelligence, actionable indicators of compromise (IOCs), and real-time advisories informed by activity across the U.S. SLTT community.

This broader visibility enables faster detection, better prioritization, and more effective response. Lessons learned in one jurisdiction can immediately strengthen defenses in another, improving overall cybersecurity for public safety agencies as a community.

Takeaway #4: Leadership Starts with the Right Questions

Another important takeaway is that cybersecurity is not just a technical issue. It is a leadership priority.

CIS emphasizes the importance of leadership engagement, starting with asking the right questions about resilience, preparedness, and personnel risk.

This includes understanding how well critical systems are protected, how prepared the organization is for ransomware, and what risks exist for personnel, including doxing and exposure of sensitive information.

Takeaway #5: Continuous Assessment Is Essential

Threats evolve quickly, and they extend beyond technology to affect people, operations, and public trust. Defenses must evolve with them.

Agencies should continuously evaluate their cybersecurity posture, including through:

• Alignment to the CIS Critical Security Controls^® (CIS Controls^®)
• Protection of mission-critical systems like 911, CAD, and RMS
• Readiness for ransomware and recovery scenarios
• Exposure to human-targeted threats such as surveillance, doxing, and PII leakage

Strengthening a public safety cybersecurity posture requires ongoing visibility and adjustment, not a one-time effort.

Takeaway #6: Layered Defense Makes the Difference

The webinar also highlighted the importance of combining prevention and detection.

Malicious Domain Blocking and Reporting (MDBR) helps stop threats before a connection is ever made, while CIS Managed Detection and Response™ (CIS MDR™) identifies and responds to activity at the endpoint with 24x7x365 U.S.-based CIS Security Operations Center (SOC) support.

Together, they provide a layered, practical approach designed for U.S. SLTT environments.

Moving Forward: Your Path to Collective Defense

Public safety depends on systems remaining available and personnel staying protected. That requires more than individual effort. It requires shared insight and coordinated defense.

Collective defense provides a path forward, helping agencies stay operational, protect their people, and continue serving their communities.