Protecting critical infrastructure against growing and evolving cyber threats requires a layered approach. The Department of Homeland Security (DHS) actively collaborates with public and private sector partners every day to respond to and coordinate mitigation efforts against attempted disruptions and adverse impacts to the nation’s critical cyber and communications networks and infrastructure.
As the federal government’s lead agency for coordinating the protection, prevention, mitigation, and recovery from cyber incidents, DHS works regularly with business owners and operators to strengthen their facilities and communities. The DHS Enhanced Cybersecurity Services (ECS) program was originally expanded in February 2013 by Executive Order 13636 - Improving Critical Infrastructure Cybersecurity, to extend ECS to all 16 Critical Infrastructure (CI) companies. As a result of increased demand and need for cybersecurity protection across the nation, the program has expanded further and now allows approved Commercial Service Providers (CSPs) to extend their ECS customer base to all U.S.-based public and private entities.
ECS is a voluntary information sharing program that assists U.S.-based public and private entities as they improve the protection of their systems from unauthorized access, exploitation, or data exfiltration. DHS works with cybersecurity organizations from across the federal government to gain access to a broad range of sensitive and classified cyber threat information. DHS develops cyber threat indicators based on this information and shares them with qualified Commercial Service Providers (CSPs), thus enabling them to better protect their customers. ECS augments, but does not replace, entities’ existing cybersecurity capabilities.
The ECS program does not involve government monitoring of private networks or communications. Under the ECS program, information relating to threats and malware activities detected by the CSPs is not directly shared between the critical infrastructure CSP customers and the government. However, when a CSP customer voluntarily agrees, the CSP may share limited and anonymized information with ECS.
For more information on Enhanced Cybersecurity Services, view the ECS Program Factsheet.
U.S.-Based Public and Private Entities
Most entities already utilize publicly available commercial cybersecurity solutions to protect their networks. The ECS program offers an enhanced approach to protecting these entities by providing U.S. Government cyber threat indicators. This approach supports the delivery of enhanced capabilities to eligible U.S.-based public and private entities.
Participation in the program is voluntary and is designed to protect government information, corporate information security, and the privacy of participants, while enhancing security. All U.S.-based public and private entities are eligible to participate in the ECS program and receive ECS services from qualified CSPs.
Commercial Service Providers
CSPs receive cyber threat indicators from DHS and use them to offer specified services to their customers in a secure environment in order to ensure the security of government furnished information.
CSPs deliver services to eligible U.S.-based public and private entities through commercial relationships. The ECS program is not involved in establishing the commercial relationships between CSPs and their potential customers. As of April 2015, the following CSPs are approved to provide ECS services:
Sector Specific Agencies
Sector Specific Agencies (SSAs) and DHS form a critical partnership within the ECS program. The role of the SSA is to leverage existing relationships with critical infrastructure entities to expand and improve ECS. The SSA is also responsible for helping to characterize risks and threats unique to critical infrastructure entities in their respective sectors. This characterization will enable the federal government to deliver the most effective indicators relevant to ECS Protected Entities. SSAs also serve as a vital conduit to DHS for data leading to requirements that will drive the development of ECS program capabilities.
Privacy and Civil Liberties
DHS embeds privacy protections and provides transparency in all its cyber activities. DHS uses the Fair Information Practice Principles (FIPPs) to assess and mitigate impacts on an individual’s privacy. DHS has conducted and published a Privacy Impact Assessment (PIA) for the ECS program. To read more about the FIPPs, the ECS PIA, and related cyber programs, visit: http://www.dhs.gov/cybersecurity-and-privacy.
For more information, contact ECS_Program@HQ.DHS.gov.