NATIONAL EMS WEEK - MAY 15-21, 2022

By Chetrice Mosley-Romero

When it comes to describing the critical, lifesaving work performed by EMS (Emergency Medical Service) professionals, there are few better words that define what it is our frontline heroes do than their ability to “rise to the challenge”.

It’s National EMS Week and this year’s theme, “Rising to the Challenge”, is particularly meaningful now, as a reminder to all of us that these dedicated people, every day, face all sorts of challenges. Yet, they reliably answer the call to respond, support, and care for the needs of our communities.

Here in the Hoosier state, our emergency management system includes a dedicated workforce of more than 24,000 EMS professionals; it’s a system that provides emergency medical care to their patients more than 2,000 times per day. In 2021, they completed were more 1.26 million EMS runs, earned 2,539 new certifications and whose work is achieved as part of the more than 800 provider organizations that operate across the state.

A critical component, vital to meeting those challenges, is cybersecurity.

EMS agencies use electronic systems and software for everything from capturing 911 call data, dispatching the ambulance, and recording patient care to collecting clinical data, billing for services, and communicating with one another. At any moment, a single cyber incident can threaten or compromise the CIA Triad, an information security model consisting of three core components – confidentiality, integrity, and availability – that is used as a model to help guide an agency’s security policies and procedures.

Among the types of cyber incidents that can occur, includes:

• Phishing email: An attacker uses tricky emails to get users to disclose information, very often their username and password. The attacker then uses the stolen credentials to gain access to the network.
• Malware: An attacker distributes malware as email attachments or links; from the web; from external devices such as USBs, CDs, and DVDs; or it can be manually placed by an attacker that has access to the network.
• Hacking or intrusion: Occurs when an attacker is able to exploit vulnerability on a computer or computer network to gain access. From this point, the attacker may increase their privileges or may use the compromised computer as a pivot point to move deeper into the network.
• Theft or loss of equipment: When equipment that can store a patient’s health information is lost or stolen, the information it contains is at risk.
• Tailgating, shoulder surfing, baiting: Techniques used as a means to gain access. Tailgating is following people through access-controlled doors or gates to gain access to secured areas. Shoulder surfing is looking over a person’s shoulder to watch a password or pin entered during login or reading other information the user is viewing. Baiting is leaving USB, CD or DVD drives in a parking lot where a user will pick it up and put it in a computer, compromising the computer.

In response, EMS professionals receive training designed to keep their patients, as well as the communities they serve, medically safe and secure, while, at the same time, protecting their personal information and delivering the highest quality of care.

To help protect our state’s dedicated EMS providers, cybersecurity is a high priority in Indiana. As the State of Indiana’s Cybersecurity Program Director, we are grateful for their tireless work and, together, with the members of the Indiana Executive Council on Cybersecurity, we are committed to continuing in our mission to creating the policies, initiatives, and resources that are critical to maintaining Indiana’s cyber risk profile.

Indiana Gov. Eric Holcomb proclaimed May 15-21, 2022, as EMS Week and all Hoosiers are encouraged to celebrate and honor the work of emergency service personnel throughout the state.

For more information about how these dedicated professionals are “rising to the challenge”, visit the Indiana Department of Homeland Security (IDHS) website and be sure to watch the video tributes and hear their stories. And for the latest cyber resources, best practices, and tips, visit the Indiana Cybersecurity Hub and follow us on Twitter and Facebook.