End the Copper Era: Intrado Pushes for Cybersecurity, NG9-1-1, Interoperability Across Emergency Networks and Secure ESInet Standardization

When emergency services are delayed, lives hang in the balance. But when the very systems designed to protect people are targeted by cyberattacks, often by those who may one day rely on them, the consequences can be critical. 

In our first joint interview, Lauren Kravetz, Vice President of Government Affairs at Intrado and a former bureau chief at the Federal Communications Commission (FCC), teamed with Charles Gifford, Intrado’s Vice President of Information Security, to walk us through the challenges facing America’s 9-1-1 infrastructure.

Emergency systems today do more than handle voice calls, process live location data, and vehicle crash alerts. They face threats like AI-generated calls and call-flooding attacks. The risks to public safety are growing fast.

Intrado, which supports emergency call routing for nearly 40 percent of America's Public Safety Answering Points (PSAPs), is leading efforts to modernize the country’s outdated copper-wire 9-1-1 infrastructure. Their goal is to build stronger cybersecurity protections across state-run Emergency Services Internet Protocol Networks (ESInets).

But the path forward is tangled in outdated systems, inconsistent policies, and evolving cyber threats that put first responders and the public they serve at risk when every second counts.  

Vishwa: You’ve served both inside government as Chief of Staff to three Chiefs of the FCC’s Public Safety and Homeland Security Bureau and now at the forefront of public safety innovation as VP of Government Affairs at Intrado. Can you walk us through your journey, key milestones, and what continues to drive your work in this space? Having worked at the intersection of policy, technology, and crisis response, what personal strengths or mindset have helped you lead in such high-stakes, high-impact environments?

Lauren: I did not start my career in public safety; that came later. Growing up in Los Angeles, I had the sense early on that a lot of the big decisions were made in Washington, DC, and I wanted to be part of that environment through public service. 

After graduating from college, I went to work on Capitol Hill and quickly realized that becoming a lawyer would increase my ability to have an impact. I started my legal career as a communications lawyer in a DC law firm, representing broadcasters and wireless providers before the FCC and in corporate transactions. 

Wireless was still nascent as a consumer service, and it was exciting to support clients who were building the networks and figuring out how to leverage new technologies. Eventually, I wanted to return to public service, and I left for the FCC, which, looking back, was a defining moment. 

This gave me a much deeper understanding of how government works and how policy is made, and also more insight into the throughline of how government action (or inaction) affects people and business. I was using my corporate background then to review mergers between wireless companies, including the impact on the public. 

An opportunity arose in the Public Safety and Homeland Security Bureau to manage network/911 reliability and disaster response initiatives, and that’s when I entered the public safety realm. I didn’t realize at the time how much that job change would shape me and my future. It’s one thing to feel good about supporting the growth of communications networks, but it’s something quite different – at least for me – to know that I play a role in saving lives. 

My role at Intrado requires me to use all of my best skills -- of course, writing and lawyering, but especially connecting with people, building relationships and partnerships, creative problem-solving, and managing complex issues. It also feeds my desire to keep learning about new technology, the intricacies of the 911 ecosystem, and the business of providing 911 services. I feel lucky every day to be here.

Perhaps the most important thing I’ve done in my career is co-author Intrado’s recent State of the 9-1-1 Industry Report, which covers 911 industry developments that we address head-on every day at Intrado. 

We positioned this for both a broad audience who is learning about 911 technology and services, and also for those who are ready for a more advanced discussion. The response has been tremendous.

Vishwa: Your work at Intrado touches systems people rarely think about until they need them most. For those unfamiliar, what role does Intrado play in the emergency communications ecosystem, and how do those capabilities support the services that individuals, first responders, and agencies depend on every day?

Lauren: Intrado is the oldest company in this space. In the 1970s, our founders, who were sheriffs in Boulder, CO, developed the first method to route landline calls to ensure they were delivered to the closest PSAP. Intrado is the only service provider in the 911 space that covers the entire 911 continuum – from the moment of the call, to routing through our dedicated 911 network, to delivery to the geographically appropriate PSAP with location information and other supplemental data. 

We provide the call handling equipment on the desk of 911 professionals in about 40% of U.S. PSAPs and were the first to start deploying Next Generation 911 technology.

As communications technology evolves to allow people to make calls from more places over more devices and platforms, we continue to be a leader in the technology that will allow 911 calls over these new devices and platforms to reach emergency responders. 

This summer, we announced a partnership with Toyota to provide Advanced Automotive Crash Notification natively through the NG911 network, which will make more critical details about a crash available to PSAPs more quickly to reduce the time to emergency response and, hopefully, save more lives.

Vishwa: Can you share a specific instance where Intrado's systems successfully mitigated a cyberattack on a PSAP, detailing the response strategy and lessons learned to enhance future resilience?

Charles: While we can’t speak to a specific instance due to privacy protections, an attack type we often see is a TDOS – where abnormal traffic is observed, often stemming from one or a few specific numbers repeatedly calling 9-1-1. We coordinate with the Network Operations Center to implement a block for the number(s) involved. 

This prevents those fraudulent 9-1-1 calls from coming through, enabling 9-1-1 telecommunicators to focus on legitimate emergencies.

Vishwa: Your 2025 report highlights three urgent challenges: cybersecurity lagging behind NG9-1-1 rollouts, inconsistent PSAP standards, and the rising threat of AI-driven deception. What changes does Intrado hope to see internally, across the sector, or in policy to close these cybersecurity gaps? And based on early deployments, what technical or political shifts are most urgent now?

Charles: Across the U.S., IP-based NG9-1-1 networks facilitate emergency communications for approximately 66% of the population. So, about 33% of the population is still sending 9-1-1 communications via a 1970s-era copper wire network. It is absolutely urgent to extend NG9-1-1 networks to serve the remaining 33% of the population.

Those who are currently served by NG9-1-1 networks are located in states that are finding a way to fund it, whether through 9-1-1 subscriber charges, general appropriations, or grants. The only way to achieve end-to-end NG9-1-1 across the U.S. is through federal funding. 

However, the last assessment to determine the amount of funding required was conducted about eight years ago. The amount of funding required to facilitate NG9-1-1 deployment for the remaining 33% of the population has likely decreased since that assessment, due to the expansion of NG9-1-1 in recent years. 

The fastest way to determine the funding amount required today would be to conduct an update to identify whether NG9-1-1 is already deployed and how much it will cost to close the rest of the deployment gap. A department or organization also needs to be granted the authority to collect this data and produce a cost estimate, which can inform legislation to provide funding.

Vishwa: Intrado works closely with federal agencies, including the Cybersecurity and Infrastructure Security Agency (CISA), the National Institute of Standards and Technology (NIST), and the Federal Communications Commission (FCC). How do each of these bodies help shape and strengthen your cybersecurity operations, whether through threat intelligence, regulatory alignment, or standards development, and at which stages of threat management do they have the greatest impact?

Charles: I believe the greatest impact is the Cybersecurity Information Sharing Act (CISA) of 2015, which is up for reauthorization this September. This creates Information Sharing Analysis Centers (ISAC), like COMM-ISAC and ND-ISAC, enabling real-time threat intelligence to be shared across multiple entities. 

This creates the backbone upon which threat types, as well as defense tools and tactics, are shared across public and private organizations. This Act has become invaluable when it comes to defending emergency response systems and networks, as well as protecting 9-1-1 professionals, first responders, and the communities they serve.  

For example, when a vulnerability becomes publicly known, threat intelligence has often already been shared among stakeholders because of CISA legislation—enabling quick, decisive action that is central to protecting national security and critical infrastructure.

Vishwa: As emergency systems adopt AI for call triage, routing, and decision-making, how is Intrado securing these capabilities against specific threats like system manipulation, data poisoning, or adversarial AI attacks? What safeguards or testing procedures are in place to ensure AI doesn’t become a new vulnerability in the 9-1-1 infrastructure?

Charles: On an organizational level, we at Intrado have built our security program to leverage the latest tools and best practices aligned with CMMC, a defense and industrial base certification required for all U.S. Department of Defense contractors.

On the product side, Intrado adheres to a secure Software Design Lifecycle (SDLC), which I will touch upon a little later.

Vishwa: The 2022 cyberattack that disrupted the 988 Suicide & Crisis Lifeline was a wake-up call about vulnerabilities in critical communications infrastructure. As NG9-1-1 platforms shift toward IP-based systems, which components like call handling software, interconnected PSAP networks, cloud-based failovers, or third-party APIs, are proving most susceptible to cyber threats? And how is Intrado adapting its security strategy to defend these high-risk areas while maintaining uninterrupted emergency services?

Charles: Not only is Intrado adhering to secure SDLC practices, but we’re actually enhancing our tools. Software Quality Assurance scans are performed at code check-in and check-out. 

We are also implementing static and dynamic application security testing in the development phase, before software is ever released publicly. This helps protect our customers’ 9-1-1 call routing and infrastructure, as well as strengthen Intrado’s security program as a whole.

Vishwa: How does Intrado use real-time monitoring and diagnostics to detect and stop cyber threats before they disrupt emergency services?

Charles: Intrado has partnered with one of the top security operations center providers in the world, which actively monitors Intrado’s environment 24x7x365 for any cyberattacks.

Vishwa: From your vantage point, leading NG9-1-1 efforts, how well are current regulations supporting the pace of cybersecurity and innovation in emergency services? Where do you see regulatory gaps or misalignments causing friction, and what types of policy shifts or industry coordination could help resolve them?

Charles: CISA legislation has established information sharing as a cornerstone of public safety system cybersecurity best practices, especially as threats against critical infrastructure are increasing in frequency and sophistication.

The grant program for NG9-1-1 enablement also requires any applicant to demonstrate a robust cybersecurity program to receive the grant, which further improves the security of public safety infrastructure and systems. Intrado has been instrumental in informing policymakers on the necessary security requirements.

Unfortunately, PSAPs that have not converted to NG9-1-1 are unlikely to be able to make any significant updates to their defenses to meet the demands of modern security in today’s threat environments. 

PSAPs that still depend on legacy networks can improve physical security, such as blocking open ports on computers, as well as adopting multi-factor authentication and zero-trust policies. However, due to the limitations of legacy copper wire networks, their options for further security enhancements are limited until they transition to NG9-1-1.

Vishwa: Intrado has emphasized network segmentation as a cornerstone of its cyber defense stack. Can you walk us through how this capability has already been implemented to fortify PSAP networks, particularly in ways that leave no room for lateral movement by attackers?

Charles: The most important element of NG9-1-1 is an Emergency Services IP Network (ESInet), which is a standalone network. So, they are already isolated—limiting malicious actors’ opportunity for lateral movement. 

ESInets are also separately deployed by states, not network providers. This prevents cross-contamination across multiple ESInets if there is an incident.

Vishwa: Looking ahead, where do you believe external support could make the biggest impact? Whether it's joint standardization efforts, deeper R&D partnerships on AI-based threat detection, or stronger policy advocacy, which of these would move the needle most in strengthening cybersecurity for the emergency services ecosystem?

Charles: The largest impacts for the whole emergency services ecosystem will be getting rid of legacy 9-1-1 systems and standardization across ESInets. While maintaining separate ESInets is critical to security, interoperability becomes a challenge when each state’s ESInet is deployed differently. 

This approach creates a patchwork of security controls between each state’s ESInet. To realize the full promise of NG9-1-1, there needs to be more standardization in how ESInets are deployed. This enables the same cyber tools to be used to protect all ESInets—reducing the number of possible vulnerabilities.

The most commonly used standard for NG9-1-1 is NENA’s i3 standard, which is not as focused as it could be. Intrado is willing to support and participate in revisions to the i3 standard to achieve greater standardization and interoperability, as well as a reduction in vulnerabilities.