The Department of Homeland Security (DHS) Enhanced Cybersecurity Services (ECS) program has approved its Commercial Service Providers (CSPs) to offer a new capability called Netflow Analysis, which will allow the CSPs to more effectively identify and analyze malicious activity transiting their customers’ networks.
Through the ECS program, DHS provides CSPs with classified or sensitive information about known cyber threats. The CSPs, in turn, use this information to protect their customers against unauthorized access, exploitation, and data exfiltration.
Privacy is fundamental to all DHS cybersecurity programs. DHS’s Privacy Office recently completed an update to the ECS Privacy Impact Assessment (PIA), and the updated PIA notes that the Netflow Analysis capability does not enable DHS to collect, store, or in any way utilize personally identifiable information, and thus does not result in significant privacy risks. None of the ECS capabilities, including Netflow Analysis, involve government monitoring of private networks or communications.
Netflow Analysis joins two other existing ECS capabilities: Domain Name Service (DNS) Sinkholing and Email Filtering. CSP customers may subscribe to any or all of the ECS capabilities, depending on their needs. U.S.-based organizations including state, local, tribal, or territorial governments interested in ECS should reach out directly to the four accredited CSPs for enrollment information:
- AT&T (firstname.lastname@example.org)
- CenturyLink (email@example.com)
- Lockheed Martin (firstname.lastname@example.org)
- Verizon (email@example.com)
Over the past year, the DHS ECS program has reached several exciting milestones. In June 2015, ECS expanded eligibility requirements beyond critical infrastructure to allow all U.S.-based public and private organizations to receive services, while in August 2015, ECS accredited a fourth CSP, Lockheed Martin. We are always striving to improve services and capabilities for this important program.