The Department of Homeland Security is responsible for protecting our Nation’s critical infrastructure from physical and cyber threats. Cyberspace has united once distinct information structures, including our business and government operations, our emergency preparedness communications, and our critical digital and process control systems and infrastructures. Protection of these systems is essential to the resilience and reliability of the Nation’s critical infrastructure and key resources; therefore, to our economic and national security.
The National Cybersecurity & Communications Integration Center (NCCIC), within the Office of Cybersecurity and Communications, serves as a centralized location where operational elements involved in cybersecurity and communications reliance are coordinated and integrated. NCCIC partners include all federal departments and agencies; state, local, tribal, and territorial governments; the private sector; and international entities. The centers activities include providing greater understanding of cybersecurity and communications situation awareness vulnerabilities, intrusions, incidents, mitigation, and recovery actions.
A world class cybersecurity and communications organization performing cutting edge analysis, sharing actionable and comprehensive information in real time, and ensuring a whole-of-nation approach to response, mitigation, and recovery efforts
To operate at the intersection of the private sector, civilian, law enforcement, intelligence, and defense communities, applying unique analytic perspectives, ensuring shared situational awareness, and orchestrating synchronized response efforts while protecting the Constitutional and privacy rights of Americans in both the cybersecurity and communications domains.
The NCCIC’s missions include:
- Leading the protection of federal civilian agencies in cyberspace;
- Working closely together with critical infrastructure owners and operators to reduce risk;
- Collaborating with state and local governments through the Multi-State Information Sharing and Analysis Center (MS-ISAC);
- Cooperating with international partners to share information and respond to incidents;
- Coordinating national response to significant cyber incidents in accordance with the National Cyber Incident Response Plan (NCIRP);
- Analyzing data to develop and share actionable mitigation recommendations
- Creating and maintaining shared situational awareness among its partners and constituents;
- Orchestrating national protection, prevention, mitigation, and recovery activities associated with significant cyber and communication incidents;
- Disseminating cyber threat and vulnerability analysis information; and
- Assisting in the initiation, coordination, restoration, and reconstitution of National Security or Emergency Preparedness (NS/EP) telecommunications services and facilities under all conditions, crises, or emergencies, including executing Emergency Support Function 2- Communications (ESF-2) responsibilities under the National Response Framework (NRF).
The NCCIC is comprised of four branches:
- NCCIC Operations and Integration (NO&I);
- United States Computer Emergency Readiness Team (US-CERT);
- Industrial Control Systems Cyber Emergency Response Team (ICS-CERT); and
- National Coordinating Center for Telecommunications (NCC).
As mutually supporting, fully integrated elements of the NCCIC, these branches provide the authorities, capabilities, and partnerships necessary to lead a whole-of-nation approach to addressing cybersecurity and communications issues at the operational level.
NO&I engages in planning, coordination, and integration capabilities to synchronize analysis, information sharing, and incident response efforts across the NCCIC’s branches and activities.
US-CERT brings advanced network and digital media analysis expertise to bear on malicious activity targeting our nation’s networks. US-CERT develops timely and actionable information for distribution to federal departments and agencies, state and local governments, private sector organizations, and international partners. In addition, US-CERT operates the National Cybersecurity Protection System (NCPS), which provides intrusion detection and prevention capabilities to covered federal departments and agencies.
ICS-CERT reduces risk to the nation’s critical infrastructure by strengthening control systems security through public-private partnerships. ICS-CERT has four focus areas: situational awareness for CIKR stakeholders; control systems incident response and technical analysis; control systems vulnerability coordination; and strengthening cybersecurity partnerships with government departments and agencies.
NCC leads and coordinates the initiation, restoration, and reconstitution of NS/EP telecommunications services or facilities under all conditions. NCC leverages partnerships with government, industry and international partners to obtain situational awareness and determine priorities for protection and response.
The NCCIC also relies heavily on voluntary collaboration with its partners. The NCCIC works closely with those federal departments and agencies most responsible for securing the government’s cyber and communications systems, and actively engages with private sector companies and institutions, state, local, tribal, and territorial governments, and international counterparts. Each group of stakeholders represents a community of practice, working together to protect the portions of critical information technology that they own, operate, manage, or interact with.
All media inquiries about the NCCIC and its missions, roles, and responsibilities should be directed to CS&C External Affairs at firstname.lastname@example.org