Mission

The National Cyber Security Division (NCSD) works collaboratively with public, private and international entities to secure cyberspace and America’s cyber assets.

Strategic Objectives

To protect the cyber infrastructure, NCSD has identified two overarching objectives:

• To build and maintain an effective national cyberspace response system
• To implement a cyber-risk management program for protection of critical infrastructure.

Organization and Functions

NCSD works to achieve its strategic objectives through the following programs:

National Cyberspace Response System

The National Cyber Security Division seeks to protect the critical cyber infrastructure 24 hours a day, 7 days a week. The National Cyberspace Response System coordinates the cyber leadership, processes, and protocols that will determine when and what action(s) need to be taken as cyber incidents arise. Examples of current cyber preparedness and response programs include:

• Cybersecurity Preparedness and the National Cyber Alert System - Cyber threats are constantly changing. Both technical and non-technical computer users can stay prepared for these threats by receiving current information by signing up for the National Cyber Alert System.
• US-CERT Operations - US-CERT is responsible for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities.
• National Cyber Response Coordination Group - Made up of 13 federal agencies, this is the principal federal agency mechanism for cyber incident response. In the event of a nationally significant cyber-related incident, the NCRCG will help to coordinate the federal response, including US-CERT, law enforcement and the intelligence community.
• Cyber Cop Portal – Coordination with law enforcement helps capture and convict those responsible for cyber attacks. The Cyber Cop Portal is an information sharing and collaboration tool accessed by over 5,300 investigators worldwide who are involved in electronic crimes cases.

Federal Network Security (FNS)

The Federal Network Security branch serves as the single, accountable focal point for achieving an enterprise model dedicated to federal cyber infrastructure security. FNS is driving change across federal executive civilian departments and agencies that will enhance the cybersecurity posture of the federal government.

Cyber-Risk Management Programs

Through Cyber Risk Management, the National Cyber Security Division seeks to assess risk, prioritize resources, and execute protective measures critical to securing our cyber infrastructure. Examples of current cyber risk management programs include:

• Cyber Exercises: Cyber Storm - Cyber Storm is an international cybersecurity exercise series that takes place every two years (February 2006, March 2008, Fall 2010) to assess preparedness capabilities in response to a cyber incident of national significance. Cyber Storm was the Department of Homeland Security’s first cyber exercise testing response across the private sector as well as international, federal and state governments.
• National Cybersecurity Awareness Month - Every October the National Cyber Security Division coordinates with multiple states, universities and the private sector to produce National Cybersecurity Awareness month.
• Software Assurance Program - This program seeks to reduce software vulnerabilities, minimize exploitation, and address ways to improve the routine development and deployment of trustworthy software products. Together, these activities will enable more secure and reliable software that supports mission requirements across enterprises and the critical infrastructure.

Resources

• Build Security In
• National Vulnerability Database
• OnGuard OnLine  

Authorities

• Homeland Security Presidential Directive 7