Cybersecurity for EMS agencies on a budget

By Chad Crouse

In today’s increasingly technology-dependent world, our fire-rescue/EMS organizations are continuing to struggle with an ever-growing threat – cybersecurity. Public safety organizations are not only vulnerable to ransomware, phishing attacks and system breaches, but they are increasingly being targeted. For fire/paramedic chiefs, the challenge is clear: How can you safeguard your department’s critical systems when your budget is already stretched thin?

Cybersecurity might sound intimidating and expensive, but the reality is that many bad actors focus on easy targets, and even small steps can go a long way. By focusing on practical, affordable strategies, fire/EMS departments can significantly reduce their risk without breaking the bank.

The growing threat of cyber attacks

Public safety agencies are prime targets for cybercriminals. Hackers know how the importance of your systems – dispatch software, electronic patient records and communication networks, just to name a few. A ransomware attack has the potential to lock your department out of these tools, grinding operations to a halt. A data breach could expose sensitive patient or personnel records, leading to legal issues and a loss of public trust, not to mention significant costs. According to Cybercrime Magazine, global ransomware damage related costs could top $250 billion by 2031.

For smaller or resource-strapped fire/EMS departments, the stakes are even higher. Limited budgets often mean outdated technology and few dedicated IT professionals, making it harder to keep up with evolving threats. However, a lack of resources doesn’t have to mean vulnerability.

Simple steps for big protection

One of the most effective ways to strengthen cybersecurity is by focusing on the basics, including “cyber-hygiene,” routine practices that protect your systems and forms the foundation of your cybersecurity environment. Some examples:

• Passwords: Weak passwords are one of the most common entry points for hackers. A simple fix? Require strong, unique passwords that include a mix of letters, numbers and symbols, and ensure they are updated periodically.
• MFA: Better yet, implement multi-factor authentication (MFA), which adds a second layer of security, like a code sent to your phone.
• Software updates: Updating software is another no-cost way to improve security. Many departments use systems that haven’t been patched in years, leaving them vulnerable to known exploits. By enabling automatic updates, you can close these gaps before hackers find them.

People are the first line of defense

No matter how advanced your technology is, your personnel play a critical role in cybersecurity. In many cases, human error, not sophisticated hacking, is what leads to breaches. That’s why training your team is essential.

Teaching firefighters, paramedics, EMTs and administrative staff to recognize phishing scams can make a huge difference. These scams often come disguised as urgent emails from trusted sources, asking for passwords or sensitive data. A few minutes of training could save your department from a costly attack.

Interactive training, like running mock phishing campaigns, can reinforce these lessons. When personnel see the tactics hackers use in a safe environment, they’ll be more prepared to identify and avoid real threats.

One of the easiest ways to manage cybersecurity in a fire/EMS department is through Role-Based Access Control (RBAC). With RBAC, access to systems and data is assigned based on a person’s job role. For example, a member might have access to scheduling software but not sensitive patient care records, while a fire/paramedic chief might have access to financial systems but not IT configurations.

Role-based access: Keeping it simple and secure

By limiting access to only what’s necessary, RBAC minimizes the risk of unauthorized access or accidental misuse. It also makes it easier to manage permissions – when someone’s role changes, their access can be updated without needing to overhaul the system.

Most platforms used by fire/EMS departments, such as dispatch software or cloud-based management tools, already support RBAC. Setting it up may require some initial effort, but the payoff is a simpler, more secure system.

Affordable tools for fire/EMS departments

While advanced cybersecurity tools and services can offer unparalleled protection, they often come with a price tag that many fire/EMS departments cannot afford. For departments strapped with limited funds, there are still effective and affordable options that provide a strong first line of defense against cyber threats.

• Antivirus software: Basic antivirus programs like Windows Defender or Avast can help stop malware before it causes damage. Though not as comprehensive as enterprise-level solutions, they provide an essential layer of protection.
• Firewalls: Many routers come with built-in firewalls that can block unauthorized access. Properly configured, these can prevent external threats from reaching your network.
• Encryption tools: Encryption ensures that sensitive files are secure, even if intercepted. Free tools can protect critical data like patient records or personnel information.
• Backup solutions: Regular backups, whether to external hard drives or free/low-cost cloud storage, are a must. These ensure that your data can be restored quickly in the event of a ransomware attack or other compromise.

While these solutions may not offer advanced analytics, automated threat detection or centralized management of premium cybersecurity systems, they provide a foundation for departments operating within tight budgets. By leveraging these tools and pairing them with strong cyber-hygiene practices, fire/EMS departments can establish a functional and effective cybersecurity framework.

Investing in more advanced solutions should remain a long-term goal, but starting with affordable tools ensures that even resource-constrained departments are not left defenseless.

Focus on what matters most

When resources are limited, it’s critical to prioritize. Not all systems are created equal, and some require more protection than others. Start by identifying the assets that are most critical to your operations. Dispatch software, patient care records and personnel data are often at the top of the list.

Once you know what’s most important, focus your efforts there. For instance, investing in secure backups for patient records should take precedence over protecting less critical tools. This approach ensures you’re using your resources where they’ll have the greatest impact.

Strength in collaboration

When it comes to cybersecurity, fire/EMS departments don’t have to face the challenge alone. Federal agencies and programs offer valuable resources to support public safety organizations in protecting their critical systems. Leveraging these partnerships can help departments strengthen their defenses without straining their budgets.

• CISA (Cybersecurity and Infrastructure Security Agency): CISA provides extensive free resources tailored to public safety organizations. Tools like their Cyber Essentials Toolkit and the Infrastructure Security Technical Assistance Program can help departments identify vulnerabilities and implement practical solutions. CISA also offers workshops, online training and free cyber-hygiene assessments, including vulnerability scanning.
• DHS (Department of Homeland Security): DHS offers grants and initiatives focused on cybersecurity for public safety. For example, the Homeland Security Grant Program (HSGP) includes funding specifically aimed at enhancing cybersecurity capabilities for critical infrastructure. Departments can apply for support to strengthen their networks, improve incident response, and train personnel.
• FEMA (Federal Emergency Management Agency): While many departments rely on FEMA’s Assistance to Firefighters Grant (AFG) Program for equipment and staffing, FEMA also administers grants like the Building Resilient Infrastructure and Communities (BRIC) program. BRIC funds projects that enhance community resilience, including cybersecurity initiatives that safeguard critical infrastructure.

Preparing for the worst

While prevention is vital, no system is completely foolproof. That’s why having a response plan in place is just as important as safeguarding your systems. If an attack does occur, your plan should outline the steps to take, from isolating affected systems to notifying relevant authorities and restoring operations.

Practice makes perfect, even in cybersecurity. Conducting regular tabletop exercises can help your team rehearse their response, identify gaps in your plan and build confidence in handling real-world scenarios.

What matters

Cybersecurity may not be as visible as the fire trucks and ambulances your community sees, but it’s just as vital to your mission. Every fire/paramedic chief has a role to play in leading the charge, even without a technical background. By focusing on basic practices, leveraging free tools and seeking support from your community, you can protect your department without overwhelming your budget.

The road to cybersecurity might seem long, but every step counts. Start small, update your passwords, back up your data and train your team. These simple actions can make all the difference in keeping your systems secure and your community safe.

In the digital age, protecting your community means more than risk assessment, it means safeguarding your technology, your data and the trust of the people you serve.

ABOUT THE AUTHOR
Chad Crouse serves as division chief at the Saint Lucie County Fire District in Florida. He leads the Community Risk Reduction, IT, Communications, and Emergency Management divisions, emphasizing innovative technology solutions that enhance fire safety and emergency response capabilities. Crouse is a seasoned educator and active member of the International Association of Fire Chiefs Technology Council.