The services offered by the CCA are completely free of charge and have been designed by CISSP certified, cybersecurity experts who have experience designing, creating and delivering cybersecurity services to 911, law enforcement and public safety agencies.
These services have been crafted to make a difference and provide maximum impact to public safety agencies aiming to improve their cybersecurity posture. All services have been created in alignment to industry leading frameworks such as NIST, CIS & ISO.
Find out more about our services below:
Cybersecurity Risk Assessment – Civic Cyber Alliance provides no-cost cybersecurity risk assessments to 911 centers, law enforcement, and public safety organizations. Each assessment is aligned with the NIST Cybersecurity Framework (CSF) 2.0 and is designed to give agencies a clear, vendor-neutral view of their cyber resilience.
The service evaluates an organization across the five NIST CSF functions – Govern, Identify, Protect, Detect, Respond, and Recover – highlighting strengths, pinpointing gaps, and recommending practical improvements.
This service also includes 2 hours of professional services time for remediation and implementation.
Cybersecurity Training – This 1 hour training equips 911 professionals, law enforcement, and public safety staff with the essential practices needed to protect their digital tools and maintain mission readiness. Designed in plain, non-technical language, the course covers the most common threats facing public safety agencies and the practical steps individuals can take to reduce risk.
Participants will learn how to recognize phishing attempts, manage passwords securely, use multi-factor authentication, handle sensitive information responsibly, and follow safe practices on agency devices and networks. The session also reinforces the importance of backups, software updates, and reporting suspicious activity quickly.
By the end of the course, attendees will understand the “Top 10 Everyday Habits” that form strong cyber hygiene – helping safeguard critical systems so that first responders can stay focused on protecting the community.
Ransomware Response Tabletop Exercise – Our 2 hour tabletop exercise simulates a ransomware attack on critical 911 and public safety systems, guiding agency leaders and staff through the decisions they would face in real time. Participants are presented with a realistic scenario in which dispatch systems, CAD servers, or communications networks are encrypted and inaccessible.
The exercise challenges teams to coordinate their incident response, communication strategy, continuity of operations, and recovery planning. It highlights both technical and non-technical considerations — from isolating infected systems to ensuring calls for service are answered, coordinating with vendors, engaging law enforcement, and informing the public.
Cybersecurity Incident Response Plan Development – No-cost support to 911 centers, law enforcement, and public safety agencies in developing customized Cyber Incident Response Plans (IRPs). These plans outline the clear, step-by-step actions agencies should take when faced with a cyberattack, ensuring critical services like emergency call handling and dispatch remain available.
Using guidance from the NIST Cybersecurity Framework and NIST SP 800-61 (Computer Security Incident Handling Guide), our team works with agency leadership, IT staff, and frontline operators to create and test IRPs