The U.S. Congress established standards for protecting critical infrastructure information (CII) through the CII Act of 2002. In response, DHS created the Protected Critical Infrastructure Information (PCII) program to safeguard sensitive infrastructure information voluntarily shared with the government for homeland security purposes. PCII is a key part of efforts designed to protect the Nation’s critical infrastructure from cyber-attacks.
Once validated as PCII, the information is protected from:
- Disclosure in response to a Freedom of Information Act request,
- Disclosure through relevant State, local, tribal, or territorial disclosure laws,
- Use in civil litigation, or
- Use for regulatory purposes.
How is PCII used by DHS?
The DHS Office of Cybersecurity & Communications (CS&C), including operational elements of the National Cybersecurity & Communications Integration Center, may use PCII to:
- Help secure critical infrastructure and protected systems,
- Provide incident response support to the control systems community,
- Identify vulnerabilities and develop risk assessments, and
- Gain a deeper understanding of cybersecurity threats.
PCII can only be accessed in accordance with strict safeguarding and handling requirements throughout the course of these efforts. Only trained and certified U.S. government employees or contractors may use PCII. All users of PCII must have homeland security responsibilities and duties, possess a valid need-to-know, and sign a non-disclosure agreement, when appropriate.
How can I learn more?
CS&C offers a wide array of products and services to improve the protection of critical infrastructure. The CS&C Cyber Information Sharing and Collaboration Program (CISCP) facilitates information exchange between DHS and critical infrastructure owners and operators. For more information about CISCP, please email email@example.com.
The Office of Infrastructure Protection (IP) provides an IP Gateway, which is available to State, local, tribal and territorial governments, to enhance collaboration in support of infrastructure protection mission activities. Learn how the IP Gateway can support your organization’s homeland security efforts by contacting the IP Gateway Help Desk at IPGateway@hq.dhs.gov.
Read about the PCII Program at http://www.DHS.gov/PCII. Learn more about resources available to critical infrastructure entities including the Critical Infrastructure Cyber Community Voluntary Program.