The National Cyber Security Division (NCSD) is a division of the Office of Cyber Security & Communications, within the United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. [1] Formed from the Critical Infrastructure Assurance Office, the National Infrastructure Protection Center, the Federal Computer Incident Response Center, and the National Communications System, NCSD opened on June 6, 2003. The NCSD mission is to collaborate with the private sector, government, military, and intelligence stakeholders to conduct risk assessments and mitigate vulnerabilities and threats to information technology assets and activities affecting the operation of the civilian government and private sector critical cyber infrastructures. NCSD also provides cyber threat and vulnerability analysis, early warning, and incident response assistance for public and private sector constituents. NCSD carries out the majority of DHS’ responsibilities under the Comprehensive National Cybersecurity Initiative. The FY 2011 budget request for NCSD is $378.744 million and includes 342 federal positions. The current director of the NCSD is John Streufert, former chief information security officer (CISO) for the United States Department of State, [2] [3] who assumed the position in January 2012.
[4] Strategic Objectives
To protect the cyber infrastructure, NCSD has identified two overarching objectives:
Priorities
NCSD is funded through the following three Congressionally appropriated Programs, Projects and Activities (PPA): United States Computer Emergency Readiness Team (US-CERT), Strategic Initiatives, and Outreach and Programs: [4]
NCSD has been plagued by leadership problems, having had multiple directors that resign after serving only short terms, or potential candidates for the position of director who refuse the position. As chair of the pre-existing Counter-terrorism Security Group, Richard Clarke was initially offered the position of director of the NCSD, but refused citing concerns that there would be too many bureaucratic layers between him and Homeland Security director Tom Ridge. Robert Liscouski ran the division initially while a permanent director was sought and continued on as Assistant Director until February 2005. Amit Yoran became director of NCSD in September 2003 and helped set up the division, but after only a year in the job, left abruptly in October 2004. One of the division's deputy directors, Andy Purdy, assumed the position of interim director within a week of Yoran's departure. In 2006 upon Andy Purdy's departure Jerry Dixon took on the role as acting director in December 2006 until officially appointed to the position as executive director in January 2007. Upon Dixon's departure in September 2007 Mcguire took on the role of acting director until March 2008 which the USSS assigned Cornelius Tate and Anita Calinoiu to be the current director of NCSD.
An audit of the division, conducted by DHS's inspector general Clark Kent Ervin, cast a negative view on the division's first year. Although the report praised the formation of the U.S. Computer Emergency Readiness Team (US-CERT) and the National Cyber Alert System, the division received criticism for failing to set priorities, develop strategic plans and provide effective leadership in cyber security issues. [6] [7] [8] [9] [10]
The United States Department of Homeland Security (DHS) is the U.S. federal executive department responsible for public security, roughly comparable to the interior or home ministries of other countries. Its stated missions involve anti-terrorism, border security, immigration and customs, cyber security, and disaster prevention and management.
The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Specifically, US-CERT is a branch of the Office of Cybersecurity and Communications' (CS&C) National Cybersecurity and Communications Integration Center (NCCIC).
In the United States government, the National Strategy to Secure Cyberspace, is a component of the larger National Strategy for Homeland Security. The National Strategy to Secure Cyberspace was drafted by the Department of Homeland Security in reaction to the September 11, 2001 terrorist attacks. Released on February 14, 2003, it offers suggestions, not mandates, to business, academic, and individual users of cyberspace to secure computer systems and networks. It was prepared after a year of research by businesses, universities, and government, and after five months of public comment. The plan advises a number of security practices as well as promotion of cyber security education.
The Homeland Security Act (HSA) of 2002, was introduced in the aftermath of the September 11 attacks and subsequent mailings of anthrax spores. The HSA was cosponsored by 118 members of Congress. The act passed the U.S. Senate by a vote of 90–9, with one Senator not voting. It was signed into law by President George W. Bush in November 2002.
An information assurance vulnerability alert (IAVA) is an announcement of a computer application software or operating system vulnerability notification in the form of alerts, bulletins, and technical advisories identified by US-CERT, https://www.us-cert.gov/ US-CERT is managed by National Cybersecurity and Communications Integration Center (NCCIC), which is part of Cybersecurity and Infrastructure Security Agency (CISA), within the U.S. Department of Homeland Security (DHS). CISA, which includes the National Cybersecurity and Communications Integration Center (NCCIC) realigned its organizational structure in 2017, integrating like functions previously performed independently by the U.S. Computer Emergency Readiness Team (US-CERT) and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). These selected vulnerabilities are the mandated baseline, or minimum configuration of all hosts residing on the GIG. US-CERT analyzes each vulnerability and determines if it is necessary or beneficial to the Department of Defense to release it as an IAVA. Implementation of IAVA policy will help ensure that DoD Components take appropriate mitigating actions against vulnerabilities to avoid serious compromises to DoD computer system assets that would potentially degrade mission performance.
Jeff Moss, also known as Dark Tangent, is an American hacker, computer and internet security expert who founded the Black Hat and DEF CON computer security conferences.
The EINSTEIN System is an network intrusion detection and prevention system that monitors the networks of US federal government departments and agencies. The system is developed and managed by the Cybersecurity and Infrastructure Security Agency in the United States Department of Homeland Security (DHS).
Phil Reitinger was the Deputy Under Secretary of the National Protection and Programs Directorate (NPPD) and Director of the National Cybersecurity Center (NCSC) at the United States Department of Homeland Security from 2009 to 2011. During that time, Reitinger led the department's integrated efforts to reduce risks across physical and cyber infrastructures and helping secure federal networks and systems by collecting, analyzing, integrating and sharing information among interagency partners.
The Director of the Cybersecurity and Infrastructure Security Agency is a high level civilian official in the United States Department of Homeland Security. The Director, as head of Cybersecurity and Infrastructure Security Agency at DHS, is the principal staff assistant and adviser to both the Secretary of Homeland Security and the Deputy Secretary of Homeland Security for all DHS programs designed to reduce the nation's risk to terrorism and natural disasters. The Director is appointed from civilian life by the President with the consent of the Senate to serve at the pleasure of the President.
The Command, Control and Interoperability Division is a bureau of the United States Department of Homeland Security's Science and Technology Directorate, run by Dr. David Boyd. This division is responsible for creating informative resources(including standards, frameworks, tools, and technologies) that strengthen communications interoperability, improve Internet security, and integrity and accelerate the development of automated capabilities to help identify potential threats to the U.S.
The Critical Foreign Dependencies Initiative (CFDI) is a strategy and list, maintained by the United States Department of Homeland Security, of foreign infrastructure which "if attacked or destroyed would critically impact the U.S." A copy of the 2008 list was redacted and leaked by WikiLeaks on 5 December 2010 as part of the website's leak of US diplomatic cables; no details on the exact location of the assets was included in the list. In September 2011, WikiLeaks published the unredacted copy of the list. The list's release was met with strong criticism from the US and British governments, while media and other countries have reacted less strongly saying that the entries are not secret and easily identified.
The Stephenson Disaster Management Institute at Louisiana State University is located in the Stephenson National Center for Security Research and Training at LSU.
The National Cybersecurity Alliance (NCA), is an American nonprofit 501(c)(3) organization which promotes cyber security awareness and education. The NCA works with various stakeholders across government, industry, and civil society, promoting partnerships between the federal government and technology corporations. NCA's primary federal partner is the Cybersecurity and Infrastructure Security Agency within the U.S. Department of Homeland Security.
The Cyber Security Division (CSD) is a division of the Science and Technology Directorate (S&T Directorate) of the United States Department of Homeland Security (DHS). Within the Homeland Security Advanced Research Projects Agency, CSD develops technologies to enhance the security and resilience of the United States' critical information infrastructure from acts of terrorism. S&T supports DHS component operational and critical infrastructure protections, including the finance, energy, and public utility sectors, as well as the first responder community.
The National Cybersecurity and Critical Infrastructure Protection Act of 2013 is a bill that would amend the Homeland Security Act of 2002 to require the Secretary of the Department of Homeland Security (DHS) to conduct cybersecurity activities on behalf of the federal government and would codify the role of DHS in preventing and responding to cybersecurity incidents involving the Information Technology (IT) systems of federal civilian agencies and critical infrastructure in the United States.
The National Cybersecurity and Communications Integration Center (NCCIC) is part of the Cybersecurity Division of the Cybersecurity and Infrastructure Security Agency, an agency of the U.S. Department of Homeland Security. It acts to coordinate various aspects of the U.S. federal government's cybersecurity and cyberattack mitigation efforts through cooperation with civilian agencies, infrastructure operators, state and local governments, and international partners.
The Cybersecurity and Infrastructure Security Agency (CISA) is a component of the United States Department of Homeland Security (DHS) responsible for cybersecurity and infrastructure protection across all levels of government, coordinating cybersecurity programs with U.S. states, and improving the government's cybersecurity protections against private and nation-state hackers.
Jacob H. Braun is an American politician, cyber and national security expert. He was appointed by President Joseph Biden as the U.S. Department of Homeland Security (DHS) Secretary's Senior Advisor to the Management Directorate. Braun is also a lecturer at the University of Chicago’s Harris School of Public Policy Studies where he teaches courses on cyber policy and election security. He previously served as the Executive Director for the University of Chicago Harris Cyber Policy Initiative (CPI).
National Initiative for Cybersecurity Careers and Studies (NICCS) is an online training initiative and portal built as per the National Initiative for Cybersecurity Education framework. This is a federal cybersecurity training subcomponent, operated and maintained by Cybersecurity and Infrastructure Security Agency.
Operational collaboration is a cyber resilience framework that leverages public-private partnerships to reduce the risk of cyber threats and the impact of cyberattacks on United States cyberspace. This operational collaboration framework for cyber is similar to the Federal Emergency Management Agency (FEMA)'s National Preparedness System which is used to coordinate responses to natural disasters, terrorism, chemical and biological events in the physical world.
This article incorporates public domain material from websites or documents of the United States Department of Homeland Security .