U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


  1. Home
  2. News
  3. Publications Library
  4. Cybersecurity


Our daily life, economic vitality, and national security depend on a stable, safe, and resilient cyberspace.

  • Cyber Mission Overview

    Overview of the Cyber Mission of the Department of Homeland Security, a top priority of the Biden-Harris Administration.

  • Cryptographic Agility Infographic

    The Cryptographic Agility Infographic illustrates a design feature that enables updates to future cryptographic algorithms and standards without the need to modify or replace the surrounding infrastructure.

  • DHS Space Policy

    Within the homeland security enterprise, space-based systems play a critical role in securing the homeland as DHS components and partners rely heavily on space systems to provide information and communications necessary for mission success. The DHS Space Policy guides component efforts internally and across the homeland security enterprise.

  • DHS Cybersecurity Service Overview for Potential Applicants

    Information about the DHS Cybersecurity Service.

  • 2017 NTTX Situation Manual

    This exercise is a part of a two-day event including seminars/workshops and a tabletop exercise (TTX) geared toward examining issues related to cybersecurity impacting physical infrastructure systems on college and university campuses. The TTX portion of the event consists of a scenario-driven, facilitated discussion and is designed to examine roles, responsibilities, authorities, and capabilities to enhance the resilience of institutions of higher education.

  • Cyber Incident Reporting: A Unified Message for Reporting to the Federal Government

    Cyber Incident Reporting: A Unified Message for Reporting to the Federal Government

  • DHS/CISA/PIA-026 National Cybersecurity Protection System (NCPS)

    The National Cybersecurity Protection System (NCPS) is an integrated system for intrusion detection, analysis, intrusion prevention, and information sharing capabilities that are used to defend the federal civilian government’s information technology infrastructure from cyber threats. The NCPS includes the hardware, software, supporting processes, training, and services that are developed and acquired to support its mission. The Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), National Cyber Security Division (NCSD) is conducting this Privacy Impact Assessment (PIA) because personally identifiable information (PII) may be collected by the NCPS, or through submissions of known or suspected cyber threats received by the United States–Computer Emergency Readiness Team (US-CERT) for analysis. This PIA will serve as a replacement for previously published PIAs submitted by NSCD for the 24/7 Incident Handling Center (March 29, 2007), and the Malware Lab Network (May 4, 2010), and is a program-focused PIA to better characterize the efforts of NCPS and US-CERT.

  • DHS/CISA/PIA-029 Automated Indicator Sharing

    The Department of Homeland Security (DHS) National Protection and Programs Directorate’s (NPPD) Office of Cybersecurity and Communications (CS&C) has developed an Automated Indicator Sharing (AIS) initiative to enable the timely exchange of cyber threat indicators and defensive measures among federal and non-federal entities. These cyber threat indicators and defensive measures are shared consistent with the need to protect information systems from cybersecurity threats, mitigate cybersecurity threats, and comply with any other applicable provisions of law authorized by the Cybersecurity Information Sharing Act of 2015 (CISA) in a manner that ensures appropriate incorporation of privacy, civil liberties, and other compliance protections. Central to the AIS initiative and consistent with the requirements of CISA, the DHS National Cybersecurity and Communications Integration Center (NCCIC) serves as the centralized hub for exchanging cybersecurity threat information using a DHS-accredited infrastructure. NPPD is conducting this Privacy Impact Assessment (PIA) because personally identifiable information (PII) may be submitted as part of or accompanying a cyber threat indicator or defensive measure. This PIA updates and retires DHS/NPPD/PIA-029 Automated Indicator Sharing PIA, issued October 28, 2015.

  • DHS/CISA/PIA-030 Continuous Diagnostics and Mitigation (CDM)

    The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division (CSD) developed the Continuous Diagnostics and Mitigation (CDM) program to support government-wide and agency-specific efforts to implement adequate, risk-based, and cost-effective cybersecurity. CDM provides continuous monitoring, diagnostics, and mitigation tools and services to strengthen the security posture of participating federal civilian departments and agencies’ systems and networks through the establishment of a suite of capabilities that enables network security officials and administrators to know the state of their respective networks at any given time, informs Chief Information Officers (CIO) and Chief Information Security Officers (CISO) on the relative risks of threats, and makes it possible for government personnel to identify and mitigate vulnerabilities. This PIA Update is being conducted to assess the privacy risks related to the CDM Shared Service Platform, which makes CDM capabilities available for use by non-Chief Financial Officer (CFO) Act agencies. The Shared Service Platform is provided to non-CFO Act agencies using a third-party contractor to CISA that connects the agency’s network(s) to the platform. Additionally, this PIA Update examines the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) capability. The CDM AWARE capability allows participating agencies to better assess and prioritize cybersecurity risks by assigning a risk score to agency vulnerabilities.

  • DPIAC Recommendations Report 2012-01

    DPIAC Recommendations Report 2012-01