The Department of Homeland Security is responsible for protecting our Nation's critical infrastructure from physical and cyber threats. Cyberspace enables businesses and government to operate, facilitates emergency preparedness communications, and enables critical control systems processes. Protecting these systems is essential to the resilience and reliability of the Nation's critical infrastructure and key resources and to our economic and national security.
The NCCIC serves as a central location where a diverse set of partners involved in cybersecurity and communications protection coordinate and synchronize their efforts. NCCIC's partners include other government agencies, the private sector, and international entities. Working closely with its partners, NCCIC analyzes cybersecurity and communications information, shares timely and actionable information, and coordinates response, mitigation and recovery efforts.
To operate at the intersection of government, private sector, and international network defense communities, applying unique analytic perspectives, ensuring shared situational awareness, and orchestrating synchronized response, mitigation, and recovery efforts while protecting the Constitutional and privacy rights of Americans in both the cybersecurity and communications domains.
To operate at the intersection of the private sector, civilian, law enforcement, intelligence, and defense communities, applying unique analytic perspectives, ensuring shared situational awareness, and orchestrating synchronized response efforts while protecting the Constitutional and privacy rights of Americans in both the Cybersecurity and communications domains.
The NCCIC's missions include:
- Leading the protection of federal civilian agencies in cyberspace;
- Working closely together with critical infrastructure owners and operators to reduce risk;
- Collaborating with state and local governments through the Multi-State Information Sharing and Analysis Center (MS-ISAC);
- Cooperating with international partners to share information and respond to incidents;
- Coordinating national response to significant cyber incidents in accordance with the National Cyber Incident Response Plan (NCIRP);
- Analyzing data to develop and share actionable mitigation recommendations
- Creating and maintaining shared situational awareness among its partners and constituents;
- Orchestrating national protection, prevention, mitigation, and recovery activities associated with significant cyber and communication incidents;
- Disseminating cyber threat and vulnerability analysis information;
- Assisting in the initiation, coordination, restoration, and reconstitution of National Security or Emergency Preparedness (NS/EP) telecommunications services and facilities under all conditions, crises, or emergencies; and
- Executing Emergency Support Function 2- Communications (ESF-2) responsibilities under the National Response Framework (NRF).
The NCCIC is comprised of four branches:
- NCCIC Operations & Integration (NO&I );
- United States Computer Emergency Readiness Team (US-CERT);
- Industrial Control Systems Cyber Emergency Response Team (ICS-CERT); and
- National Coordinating Center for Telecommunications (NCC).
As mutually supporting, fully integrated elements of the NCCIC, these branches provide the authorities, capabilities, and partnerships necessary to lead a whole-of-nation approach to addressing cybersecurity and communications issues at the operational level.
NO&I plans, coordinates, and integrates capabilities to synchronize analysis, information sharing, and incident management efforts across the NCCIC's branches and activities.
US-CERT brings advanced network and digital media analysis expertise to bear on malicious activity targeting our nation's networks. US-CERT develops timely and actionable information for distribution to federal departments and agencies, state and local governments, private sector organizations, and international partners. In addition, US-CERT operates the National Cybersecurity Protection System (NCPS), which provides intrusion detection and prevention capabilities to covered federal departments and agencies.
ICS-CERT reduces risk to the nation's critical infrastructure by strengthening control systems security through public-private partnerships. ICS-CERT has four focus areas: situational awareness for CIKR stakeholders; control systems incident response and technical analysis; control systems vulnerability coordination; and strengthening cybersecurity partnerships with government departments and agencies.
NCC leads and coordinates the initiation, restoration, and reconstitution of NS/EP telecommunications services or facilities under all conditions. NCC leverages partnerships with government, industry and international partners to obtain situational awareness and determine priorities for protection and response.
The NCCIC relies heavily on voluntary collaboration with its partners. The NCCIC works closely with federal departments and agencies and actively engages with private sector companies and institutions, along with state, local, tribal, and territorial governments, and international counterparts. Each group of stakeholders represents a community of practice, working together to protect the portions of critical information technology that they own, operate, manage, or interact with.
All media inquiries about the NCCIC and its missions, roles, and responsibilities should be directed to CS&C External Affairs at firstname.lastname@example.org