City of Asheville

Phoebe Scruggs

Resilient Infrastructure Authority

During major political cycles or regional emergencies, municipal, state and tribal governments must support Department of Homeland Security (DHS) agencies with localized IT infrastructure. As part of the 2024 election cycle and the response to Tropical Storm Helene, the City of Asheville IT department collaborated extensively with DHS to support dignitaries and emergency personnel. The following insights and lessons learned aim to help other government IT departments effectively prepare for and respond to DHS operations within their communities.

The City of Asheville IT Services department has been engaged with multiple DHS agencies over the past several years. These interactions have been positive, and the results of these collaborations have informed and influenced the strategic direction for our IT team. This success is the product of technical and logistical preparedness, relationship management and flexibility across all areas of IT responsibility, including cybersecurity, the forward positioning of assets and clear processes for engagement with various stakeholders.

Interacting with DHS often involves short timelines, rapidly shifting logistics and situational security demands. IT assets must remain flexible and mobile to accommodate changing venues and timelines. Success relies on close coordination with local law enforcement and government leadership to ensure assets are deployed precisely when needed. Furthermore, IT teams must be prepared to execute technical directives on short notice, such as managing sitespecific connectivity blackouts, or supporting specialized radio communications.

Cybersecurity is a critical pillar of DHS collaboration. During high-profile visits or emergencies, IT leadership should adopt a proactive security posture by increasing monitoring and engaging federal and state authorities to reduce the threat footprint. The City of Asheville has noted a distinct correlation between large-scale events—such as the 2022 US-Ukraine tennis tournament, the 2024 presidential campaign cycle and the aftermath of Helene—and increased breach attempts. Early engagement with regional IT strike teams such as the National Guard or governmental coalitional IT strike teams provides the specialized expertise necessary to monitor and recover from these heightened threats. Use of government cybersecurity toolkits such as the MultiState Information Sharing and Analysis Center (MS-ISAC) Security Operations Center monitoring toolkit dramatically increases visibility into and response to cybersecurity events as a result of a high profile event.

“Effective support for Homeland Security missions transcends technical proficiency; it is rooted in strategic foresight and collaborative partnership.”

Proper personnel credentialing is also vital. Events involving the Secret Service, FBI or other DHS security agencies require background-checked individuals who are ideally trained and authorized for Criminal Justice Information Systems (CJIS). These certifications provide necessary assurances that on-site personnel are vetted and qualified for secure environments. In addition, providing preplanned staffing schedules, badges and credentials necessary for venue access and clear identification of IT personnel improves the level of security and collaboration between local IT departments and DHS agencies.

Depending on the circumstances, mobile command posts, mobile drone operations and other offsite equipment may be needed. These may be potentially located in geographically diverse regions of the jurisdiction, requiring robust wide-area network solutions and rapid deployment capabilities. Having IT personnel who are familiar with the technology and communications capabilities of the equipment being deployed is a crucial part of an information technology continuity of operations plan or business continuity plan which likely come into effect during an event where DHS agencies are involved. It is likely that the local emergency operations center will also be activated, which will have its own IT requirements and IT leadership should be prepared to staff multiple locations with multiple IT disciplines including infrastructure, applications and end user support.

Building collaborative relationships with local law enforcement and regional, state and federal agencies—as well as maintaining good working relationships with IT resources in surrounding areas—is a long-term strategic effort that enhances IT team responsiveness to DHS requests. Establishing agreements and engagement policies for cybersecurity response, logistics and technology needs that extend beyond local IT department capabilities paves the way for a strong and secure response to DHS requirements.

Ultimately, effective support for Homeland Security missions transcends technical proficiency; it is rooted in strategic foresight and collaborative partnership. By prioritizing long-term relationship building with multijurisdictional partners, adopting a proactive security posture and ensuring personnel are vetted and ready, government IT departments can move beyond simple responsiveness to become integral enablers of national security objectives, ensuring mission success during moments of crisis or highprofile events.