Creating a secure digital policing ecosystem is essential, and it calls for close collaboration across various groups: law enforcement, cybersecurity experts, policymakers, and the tech industry. Indeed, setting up standards and frameworks that ensure the security and integrity of our digital tools is vital in our mission.
Another crucial component to highlight is Geographic Information Systems (GIS). These technologies play a key role in modern municipal operations, not just for mapping critical infrastructures but also managing the personal data of residents. Our reliance on GIS underscores the need to understand both the location and security of critical infrastructure data. It’s not only about the functionality these systems offer but also about who controls these GIS platforms. We must question if they use map systems from other countries, which could potentially offer a backdoor into our community’s sensitive information.
Recent incidents, such as the infiltration of Canadian biolabs and communities by entities with hidden agendas, have shown the risks posed by foreign interference. These examples serve as stark reminders of the complex security landscape we navigate, highlighting the importance of vigilance and proactive measures to safeguard our national interests.
Assessing and Mitigating Risks: A Path to Secure Digital Policing
In strengthening our defenses, we must first assess our risks thoroughly:
Evaluate the security level of the information stored within our systems.
Determine whether the system gathers public information.
Identify if the system processes other types of information that might attract foreign interests, such as critical infrastructure details or location tracking.
Choosing the right solution provider is equally critical:
Inquire where the software is hosted and where the data, including backups, is stored.
Verify if they meet ISO27001 and SOC Level 2 certifications and request proof of current certification status.
Request a list of names along with proof of enhanced security clearance for each team member accessing the software code or customer data.
Investigate whether they have received funding from grants or other programs, including details about the grant providers.