Cybersecurity, Law Enforcement Technology

IACP Conference 2022 Recap: Exploring Cybersecurity and Data Analysis


Both law enforcement professionals and technology providers gathered at the International Association of Chiefs of Police (IACP) Conference 2022 to discuss current challenges in the field and latest technology resources to meet the needs of the police force. Based on a commitment to advance safer communities through thought leadership, experts focused on utilizing technology modernization to address the growing issues of cybersecurity and maximizing resources through effective data analysis.

CYBERSECURITY

Smartphone Use for Police Operations: Law enforcement agencies have found many benefits from providing officers in the field with smartphones including increased officer safety through GPS tracking, easy access to a camera, body-worn incident tagging, similar functionality to in-vehicle mobile data terminals (MDTs) and support to in-vehicle, in-field and in-station operations. The challenge, however, is achieving compliance and instituting cybersecurity strategies to ensure the safety of the data, device and officer. The Criminal Justice Information Services (CJIS) Security policy applies to all parties dealing with criminal justice information (CJI) and incorporates guidelines on wireless networking, data encryption and remote access. Mobile device management (MDM), a way to manage agency smartphones, is a requirement for any agency wanting to access, transmit or store criminal justice data using mobile devices. Agencies must institute elements such as:

  • Multi-factor authentication
  • Regular updates and maintenance
  • Remote device locking and setting lock capabilities
  • Remote wiping of device
  • Folder or disk level encryption
  • Detection of unauthorized configurations, software or applications
  • Location tracking of agency-controlled devices
  • Prevention of unpatched devices from accessing CJI or CJI systems

IACP Recap Blog Embedded Image 2022Ransomware: The recent increase of ransomware and impact of successful attacks is driving urgency within law enforcement agencies to institute stronger cybersecurity strategies. Disruptions to police systems cause 911 calls to be rerouted, CAD systems to be disrupted, email and phone systems to be disabled as well as other repercussions. Cybercriminals also threaten to leak confidential informant, victim and officer details if the police do not pay the ransom. Investigations conducted to identify possible ransomware attack patterns revealed that there was no geographic methodology behind the hacks but that the common link was, any vulnerability found in an agency’s system was exploited.

Ransomware remains the largest type of attacks against public safety agencies. Police departments make up about 22% of attacks on public safety and from 2020-2021, approximately $800 million was spent towards restoring operations due to ransomware attacks. The increase in ransomware can be attributed to the decrease of technological skills required to launch an attack, particularly in the form of ransomware-as-a-software (RaaS).

To protect an agency’s critical data, law enforcement institutions should adopt National Institute of Standards and Technology (NIST) Cybersecurity Framework principles such as:

  • Know your network: Examine all hardware, software, data flows and applications
  • Know your adversary: Who is attacking and how might they do it?
  • Patch, Patch, Patch: While sometimes difficult to execute operationally, it is essential
  • Know what normal looks like: It is the only way to detect abnormal
  • Educate your users: Cybersecurity is everyone’s responsibility
  • Know how to respond to a cyber-attack: Train hard, fight easy

Cybersecurity and Digital Integrity: In this current digital age, many agencies experience cyber fatigue, struggling to manage all the technology, digest the data and maintain sufficient security. The extensive number of devices such as internet of things (IoT) devices, vendor devices or other forms of technology running through the agency’s network create vulnerabilities and often result in cyber breaches. Being able to ingest all the data safely and effectively is critical to the justice system’s mission. All technology, even the most cutting-edge, still requires the implementation of cybersecurity. As a frame of reference, experts reminded that IT systems necessitate just as much security as physical evidence management and keeping the chain of custody intact.

Cyber incidents and data loss within law enforcement agencies endangers not only the public’s safety but also their trust in police officials. Inter-agency sharing of breaches is a key element to mitigate risk and promote transparency. Agencies can also facilitate trust within the community by proactively communicating their use of technology and the protection strategies in place to safeguard public data. Ultimately, technology should be implemented in conjunction with the correct cybersecurity measures to avoid opening additional vulnerabilities and successfully enhance safety and community trust.

DATA ANALYSIS

Modernizing Investigations in the Digital Age: Experts attest to the power of properly employed technology within the law enforcement field. By innovating with current technology and adopting other digital resources, agencies can transform the public safety landscape and offer significant value-adds to those who protect the community daily. To modernize the investigation workflow and process the substantial amounts of digital evidence, law enforcement administrations must focus on training personnel properly, instilling an understanding of the importance of securing digital evidence, keeping the chain of custody on digital evidence intact and demonstrating for other agencies the technology benefits to promote interagency collaboration and support.

Currently, 95% of crimes have a digital component involved through phone records, social media, security cameras etc. making the data analysis a crucial part of cases. This quantity of digital evidence extending across multiple aspects of investigations, the technical sophistication of criminals, public scrutiny and lack of resources can make it a challenge to store and manage. However, harnessing technology platforms that can analyze, track, store and share the data easily shifts the situation from being an underutilized burden to an integral wealth of information and efficiency booster.

Body Worn Cameras and Public Trust: Many law enforcement agencies have implemented widespread usage of body worn cameras (BWC) to increase transparency and build trust within their communities. According to a 2018 report by the Bureau of Justice Statistics (BJS), 80% of law enforcement agencies have acquired body-worn cameras however 99% of that footage was never analyzed. Without the tools to catalog, analyze and apply the data, ROI on BWCs is severely impeded and the technology is rendered obsolete.

To remedy this situation, public safety offices are looking to create a fully indexed and automated database of events linked to multiple applications: supervision, performance evaluation, training, officer safety and wellness, community trust and transparency, risk management, etc.

This analysis and processing of BWC footage is possible through Multi-Modal Analysis (MMA) which integrates natural language processing (NLP) and computer vision (CV). Artificial intelligence (AI) and machine learning (ML) empower this technology to analyze the content of the camera footage and train the computer systems to optimize the material for easy evaluation of officer and citizen behavior. Public officials can then take these insights and formulate strategies of how officers can better influence interactions. Agencies plan to begin the adoption process of this solution starting in 2023. This will provide a new capacity to measure and evaluate officers in action and strengthen community trust through measurable outcomes and enhanced accountability.

Multimedia Evidence and Data Analytics Programs: Law enforcement agencies are often faced with the challenge of overwhelming amounts of data collected during cases. Officers gather three types of data:

  • Operational data—traffic stops, field interviews, calls for service, criminal incident, tips and informants
  • Non-operational data—human resources, training records, disciplinary files etc.
  • Digital evidence—video footage, news media, pictures, social media etc.

Unless it is handled properly, all of this information needing to be analyzed and managed can shutdown police IT systems and slow down the investigation. To solve this difficulty, public safety administrators created the Digital Content Analysis Platform (DCAP), which consists of several vetted tools to process the material. In addition to these resources, the key aspects needed for a successful data analysis program are:

  • Organizational planning & strategy
  • Proper implementation
  • Maintenance of architecture
  • Standardized processes
  • Proper and continuous training
  • Technical support and assistance
  • Communication and clear goal setting
  • Development of technical skills or robust outsourced managed services
  • Public safety mindset change

When law enforcement leadership prioritize the effort and commit the funding to these initiatives, it enables police departments to take basic reports and transition to software dashboards that make reports more efficient and easily digestible.

As law enforcement agencies seek to improve operations for the benefit of police officers and the communities they serve, utilizing technology plays a major role. Taking the data available and extracting insights through tech software enables police to operate data-driven strategies which contribute to a significant reduction of violent crime in cities across the country. By implementing the correct cybersecurity procedures alongside these IT solutions, law enforcement can be assured of the safety as well as the greatest benefits from the technology. Law enforcement agencies must unify under the mission of building trust within the community and maximizing every resource to protect public safety.

 

Visit Carahsoft’s Law Enforcement portfolio, bringing together industry-leading software and hardware solutions to support Federal, State and Local public safety agencies. Alongside our vendor partners, Carahsoft provides policing and investigative technologies to support mission objectives.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at IACP 2022.*

Related Articles