The Department of Homeland Security (DHS) Office of Cybersecurity and Communications (CS&C) works collaboratively with public, private, and international entities to secure cyberspace and America’s cyber assets. CS&C established the Network Security Deployment (NSD) Division in support of that mission. NSD provides development, acquisition, deployment, operational, and customer support to satisfy the Department’s mission requirements under the Comprehensive National Cybersecurity Initiative (CNCI). Specifically, NSD’s mission is to improve cybersecurity to federal departments, agencies, and partners by developing the technologies and establishing the services needed to fulfill CS&C’s cybersecurity mission. To meet that mission need, NSD designs, develops, deploys, and sustains the National Cybersecurity Protection System (NCPS), which provides intrusion detection, advanced analytics, information sharing, and intrusion prevention capabilities that combat and mitigate cyber threats to the federal Executive Branch information and networks.
NSD is comprised of five branches that support the design, development, deployment and sustainment of the NCPS:
- Investments & Contract Management
- Systems Engineering & Acquisition Oversight
- System Sustainment & Operations
- Capability Development
- Services Integration
Investment & Contracts Management
The Investment and Contract Management (I&CM) branch of NSD is responsible for planning for, executing, and managing the acquisition strategy for NCPS, including preparing statements of work, independent government cost estimates, and other related acquisition documentation. The I&CM branch also formulates and executes the NCPS program and project budgets, including all phases of the Planning, Programming, Budget, and Execution process. I&CM develops and manages the NCPS Life Cycle Cost Estimate. Finally, I&CM oversees the performance of contracts in support of NCPS and performs integrated program control activities to ensure the program and project management status information is effectively and efficiently portrayed in a timely manner through program reviews, performance metrics, and program compliance.
Systems Engineering & Acquisition Oversight
The Systems Engineering & Acquisition Oversight (SE&AO) Branch provides systems engineering support for the NCPS, to include serving as a liaison with the system user community (e.g., the National Cybersecurity and Communications Integration Center) throughout the system’s development cycle. SE&AO is responsible for maintaining a close interaction with the system user to ensure that NSD understands the underlying functional requirements, which is critical to developing and delivering an effective capability. SE&AO also ensures successful mission integration through an extensive round of developmental, system, and operational test events and develops secure solutions to interoperability issues by ensuring compliance with data standards, security requirements, interface control documents, and other architecture products. Finally, SE&AO provides program management oversight of the NCPS to ensure capabilities are coordinated and delivered effectively and efficiently. Program management functions include strategic and technical planning, assessment functions, and documenting and tracking program cost, schedule, and risks.
System Sustainment & Operations
NSD’s System Sustainment & Operations Branch is responsible for operating and maintaining NCPS. Operations and maintenance include providing 24x7x365 systems administration and customer support services, Operations Center and Network Operation Center support, configuration management support, logistics support, performing technical refreshes, and performing continuous monitoring on NCPS equipment. The SS&O Branch is also responsible for coordinating with the Capability Development Branch to ensure that the designs of new capabilities work within the existing NCPS architecture.
The Capability Development Branch provides intrusion detection, advanced analytics, information sharing, and intrusion prevention capabilities. Capability Development is responsible for designing, developing, and deploying NCPS system capabilities. Capability Development also interfaces with industry to research emerging technologies and to create capability roadmaps that introduce new technologies into the architecture within a given capability area. Finally, Capability Development ensures that a deployed capability is properly integrated into the program’s core infrastructure and properly transitioned to the NCPS operations and maintenance staff.
The Services Integration Branch leads engagements with departments and agencies on the implementation of major NCPS initiatives that directly affect the departments and agencies and require their participation to implement (e.g., EINSTEIN 3 Accelerated and NCPS Information Sharing capabilities). Services Integration is responsible for developing strategic engagement strategies and coordinating those strategies with the National Security Staff (NSS) Cyber Policy Committee (IPC) and coordinating the signature of Memoranda of Agreement (MOAs), Service Level Agreements (SLAs), and Letters of Agency (LOAs) from the departments and agencies that are required to govern service implementation. Services integration is also responsible for conducting Technical Exchange Meetings (TEMs) to resolve department and agency questions and technical issues prior to implementation.
Building Success Through Partnerships
As a whole, NSD is also enabling DHS’s ability to expand its partnerships with federal agencies, vendors, academia, Information Sharing and Analysis Centers (ISACs), State, local, and tribal governments, and international organizations to become the cybersecurity service provider of choice for the Federal Government. Through its leadership and contributions to critical initiatives such as the EINSTEIN program, Enhanced Cybersecurity Services (ECS), CNCI, stewardship of the National Information Exchange Model (NIEM) cyber domain, and partnerships with industry, NSD is driving national-level efforts to improve the cybersecurity posture of the Federal Government and Critical Infrastructure.