top of page
Search

Network Security and Cybersecurity in the 911 Outage: When Infrastructure Design Becomes the Weakest Link

  • Writer: Hector R. Lopez
    Hector R. Lopez
  • Oct 23
  • 8 min read

Network Security and Cybersecurity in the 911 Outage: When They Fail Without an Attacker


In early 2024, residents across several Midwestern and Western states dialed 911 and reached only silence. 911 call centers scrambled to relay emergencies by radio as dispatch systems froze for nearly two hours. The cause, according to the carrier, was an application and incorrect process.


Just last month, another multi-state outage swept through the South, again disabling 911 access across several states. The Carrier blamed it on a fiber cut. Different states, different carriers, same result. These and similar 911 disabling events now form a pattern — proof that the nation’s emergency-services backbone suffers from a recurring structural weakness rather than isolated accidents.


This analysis relies on information publicly released by providers and the FCC Blog: “Multi-Line Telephone Systems — Can You Connect to 911?” (2025). Those reports may omit technical details, yet the evidence points to a common vulnerability: cybersecurity failures are emerging not only from hostile actors but from design failure.


When a single trench cut, execution of a process, and firewall settings, can paralyze 911 regions, the cause is not random misfortune — it is blueprint failure. Network security is not merely perimeter defense; it is the discipline of engineering systems so that a single-point disruption cannot cascade into functional paralysis.


Every credible resilience framework — from CISA’s Critical Infrastructure Security and Resilience guidance to NIST SP 800-34 Rev. 1 — emphasizes the ability to sustain communications links through physical diversity and verifiable failover as baseline controls. When those principles are treated as afterthoughts, cybersecurity collapses without a single adversary’s help.



A Snapshot of the 911 Outage and Its Network Security Implications.


Across the affected regions, 911 calls failed to reach Public Safety Answering Points

(PSAPs) for hours. These failures demonstrates that multiple critical systems rely on a single transport plane. According to the FCC’s Network Outage Reporting System (NORS) and Disaster Information Reporting System (DIRS), these events trigger emergency notifications — yet the public summaries omit details about physical-route diversity or failover activation. That omission is itself instructive.


The technical narrative is familiar: a severed fiber in one trench disables multiple circuits, and the failover never triggers because both the primary and redundant paths use the same conduit. This is a governance failure disguised as an operational incident.


Alternative plausibilities exist. Reconnaissance operations sometimes probe network dependencies by observing latency patterns, routing changes, or service behavior during controlled or coincidental disruptions. In this context, a physical fiber cut could also reveal which PSAP networks share common backplanes and which lack effective failover paths. Whether such reconnaissance occurred is unknown — but the vulnerability it exposes is the same: dependence on unverified redundancy.


These repeated incidents show that the nation’s emergency communications fabric has become architecturally fragile — not because the technology is outdated, but because governance oversight and design assurance have not evolved with its mission-critical importance.



Inside the Infrastructure: Network Security by Blueprint, Not Backhoe


The recent outages didn’t happen because one construction crew hit the wrong line; they happened because the 911 communications architecture was built for efficiency, not endurance.


Most state and regional systems depend on carrier backplanes — bundled, long-haul fiber trunks that route emergency calls through centralized exchange points. Those exchange points are supposed to have redundant paths, yet in practice the backup appears to ride inside the same physical conduit or splices into the same distribution cabinet. When one path fails, the “redundant” circuit fails with it.


This is not a wiring mistake — it’s a design choice born of procurement and failure of regulatory oversight. Contracts typically ask for redundant connectivity but perhaps do not require proof of independent path verification. Carriers deliver secondary circuits that appear separate on diagrams but converge underground. Without an audit trail that validates physical diversity, redundancy exists only on paper.


Federal frameworks anticipated this decades ago. NIST SP 800-34 Rev. 1 directs agencies to ensure the availability of communications links and to identify alternate telecommunications services that can sustain essential missions when the primary path fails (Sections 3.3 and 5.2, Appendix C).


This standard of verified resilience parallels the governance lifecycle outlined in BravoCheck’s A Working Definition of “Reasonable Security” in Cybersecurity.


In governance terms, this is the difference between declaring redundancy and proving resilience. 911 infrastructure meets compliance checklists but fails the test of path independence. Until states require carriers to demonstrate route diversity the same way financial auditors demand evidence of control separation, these outages will remain predictable.



Governance Gap: When Efficiency Defeats Security


Governance of resilience failed not in design, but in definition. 


For a decade, state and regional leaders have pursued efficiency mandates — consolidating Public Safety Answering Points (PSAPs), pooling maintenance budgets, and rewarding vendors for uptime percentages instead of continuity proof. These choices created a governance ecosystem that prized speed and cost control over risk proportionality.


Procurement language reinforced the drift. Bid templates copied from IT-service contracts ask for redundant connectivity but omit independent-path verification or continuity testing frequency. Without those clauses, carriers meet the letter of the contract while avoiding its intent: single-point dependence in practice.


Funding oversight follows a fragmented path. 


Federal leadership for 911 modernization sits within the National 911 Program — managed by NHTSA’s Office of EMS in coordination with NTIA. The Program administers grants, publishes annual reports, and sets national guidance for Next Generation 911 (NG911) implementation, but who currently measures failover effectiveness as a performance metric — the core of operational resilience.


State CIOs recognize the gap. The NASCIO 2025 State CIO Top Priorities list names “Cybersecurity Resilience and Risk Management” as the leading priority for the third consecutive year — proof that the governance community knows the risk but still struggles to translate awareness into enforceable procurement standards.


The same illusion appears in control programs, where more safeguards don’t always equal more protection — a point explored in Security Control Readiness: More Levers ≠ More Protection.


When governance metrics reward speed and savings, resilience always loses. Efficiency becomes an adversary of assurance. The outages did not expose technical incompetence; they exposed a budgeting model that defines success as project completion, not verified survivability. True network-security governance demands evidence that the system can function under stress, not merely a certificate that it was built on time.



Strategic Priority — The State’s Highest Function at Risk


Legislatures classify emergency response as the highest public-safety priority, yet the infrastructure that supports network security and cybersecurity operates as a budgetary afterthought.


Red emergency phone on a 911 dispatch console representing network security resilience and communication system reliability

Across the country, state emergency-management frameworks label fire service, EMS, and 911 as essential or priority functions in their statutory risk registers. For example, the National Emergency Communications Plan published by CISA calls these services “paramount to the safety and security of Americans” and directs states to maintain continuity of communications under all hazard conditions. Yet repeated 911 outages show that the designation exists on paper, not in practice.


Risk analysis makes the contradiction obvious. 


If the impact of losing emergency communications is catastrophic, and the likelihood — as shown by multi-state outages — is increasing, then control maturity should be high. Instead, the average system’s maturity is demonstrably low. This inversion — assigning maximum consequence but accepting high likelihood — is one no corporate board would tolerate under any cybersecurity governance model.


The equipment and personnel inside fire and EMS stations illustrate the effect of cause. When call routing fails, dispatchers revert to manual relay, mobile phones, or radio patching — measures meant for contingency, not continuity. Each workaround erodes response time and situational awareness, turning a communication failure into an operational hazard. A single cut in a fiber trench can quickly escalate from technical fault to life-safety incident.


Governance logic demands proportional investment. 


If legislatures define fire, EMS, and 911 as priority risks, then their communications networks warrant the same due care and due diligence applied to financial or energy infrastructure. That means verified route diversity, tested failover, and documented recovery time objectives — proof that resilience is engineered, not assumed.


The BravoCheck perspective frames this as a governance alignment problem. Statutes assign top-tier priority; budgets and procurement treat it as mid-tier infrastructure. Until that gap closes, states will continue to declare critical functions while funding fragile systems.


In risk terms:


  • Impact = Catastrophic

  • Likelihood = Increasing

  • Control Maturity = Low


That triad defines a governance failure, not a technical one. The corrective path is simple but not easy: treat communications continuity for fire, EMS, and 911 as a regulated resilience metric — verified, reported, and funded in proportion to consequence.



Analyst’s Note — Reconnaissance, Dependency Mapping, and the Limits of Public Explanation


Each 911 outage exposes more than a break in a trench; it exposes a map.


Every time routing collapses, investigators, adversaries, and researchers alike can infer which carriers share conduit, where switching boundaries converge, and which jurisdictions lack independent path verification. In cybersecurity terms, an outage is also a reconnaissance event — a public disclosure of the system’s dependency graph.


The Cybersecurity and Infrastructure Security Agency (CISA) defines this risk in its National Critical Functions Framework as “functions so vital that their disruption could have a debilitating effect on security, national economic security, or public health and safety.”

Among the listed functions are “Emergency Services” and “Provide Wireless Access Network Services.” When both rely on the same fiber path, the outage becomes a cross-sector dependency failure — the kind of systemic weakness CISA warns about.


The problem is disclosure, not denial.


Because 911 infrastructure is part public, part private, the technical details of its routing and failover are rarely shared outside a closed circle of carriers and state coordinators. Public statements after outages usually cite “fiber damage” or “vendor maintenance” without releasing route topology or redundancy validation data. This opacity protects sensitive infrastructure but leaves governance bodies unable to assess whether design standards meet reasonable security thresholds.


From an analyst’s perspective, this is where cybersecurity meets policy ethics.


Too much transparency invites threat exploitation; too little invites complacency. The balance is governance through attestation and audit, not disclosure. States and carriers can maintain operational secrecy while still submitting independent verification that failover paths, latency thresholds, and recovery objectives have been tested and meet defined standards. That is the model embedded in NIST SP 800-84, Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities — proof that resilience can be demonstrated without revealing design.


In short, the next outage will not be prevented by a press release or a thicker cable. It will be prevented when dependency mapping becomes a standing requirement of cybersecurity governance — tested, attested, and documented to the same rigor as financial controls.



BravoCheck Conclusion — A Governance Call to Action


The 911 outages are not fiber problems; they are governance failures.


Every cut trench, failed switchover, or downed backplane reveals a deeper truth: resilience is not engineered through equipment alone. It’s earned through governance discipline — clear standards, verified failover, and documented accountability.


The lessons from Network Security and Cybersecurity in the 911 Outage are clear: resilience is not a technical luxury but a governance mandate.


The pattern across incidents is now undeniable.


  • Design failures: Networks labeled “redundant” without physical diversity.

  • Procurement drift: Contracts written for cost efficiency, not continuity verification.

  • Oversight gap: Funding and reporting divorced from measurable resilience outcomes.


Each of these is solvable through the same logic that defines reasonable security in cybersecurity: demonstrate due care in planning, due diligence in validation, and proportionality between consequence and control.


Governance reforms can start today.


  1. Require independent route-diversity audits for all public-safety carriers.

  2. Mandate continuity-of-communications testing using frameworks such as NIST SP 800-84 and FEMA Comprehensive Preparedness Guide 101.

  3. Integrate resilience metrics into state, and local risk registers alongside impact and likelihood.

  4. Fund local continuity nodes and digital failsafes as part of cybersecurity modernization, not as emergency grants.


For boards and executives, this moment parallels the financial-oversight reforms of the 1990s. When auditors began asking not whether a company spent enough, but whether it could prove its controls worked, governance matured. Public-safety networks need the same shift: from trust to verification.


BravoCheck perspective:


Network security and cybersecurity governance share a single standard — demonstrable resilience.



Comments

All Briefings | Strategy & Operations | Risk & Governance | Compliancy & Privacy | Resilience & Value

Two climbers on a steep rock face, one guiding and supporting the other upward — symbolizing cybersecurity leadership helping organizations turn risk into resilience.

Turn Cyber Risk Into Enterprise Value

Briefings show the path — BravoCheck helps you climb it. With ANSI-accredited and DoD-approved expertise, we turn strategy into disciplined execution, aligning priorities and operations so cybersecurity delivers measurable outcomes and enterprise value.

BravoCheck is JD-led and holds ANSI-accredited and DoD-approved certifications such as CISSP and CGRC — credentials that boards, regulators, and auditors already rely on as decision heuristics.

The outcome: cybersecurity strategies that are independently validated and defensible under scrutiny.

CISSP — ISC2. DoD-approved; ANAB-accredited.
CGRC — ISC2. DoD-approved; ANAB-accredited.
CIPT — IAPP. ANAB-accredited.
CIPM — IAPP. ANAB-accredited.
CIPP/US — IAPP. ANAB-accredited.
CIPP/E — IAPP. ANAB-accredited.
AIGP — IAPP.
CFE — ACFE.
CECI — Certified Expert in Cyber Investigations.
CCEP — SCCE.
bravocheck-cybersecurity-wireframe-process-background.jpg

Credentials That Leaders and Regulators Already Trust

bottom of page