U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


Our daily life, economic vitality, and national security depend on a stable, safe, and resilient cyberspace.

  • DHS/CISA/PIA-026 National Cybersecurity Protection System (NCPS)

    The National Cybersecurity Protection System (NCPS) is an integrated system for intrusion detection, analysis, intrusion prevention, and information sharing capabilities that are used to defend the federal civilian government’s information technology infrastructure from cyber threats. The NCPS includes the hardware, software, supporting processes, training, and services that are developed and acquired to support its mission. The Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), National Cyber Security Division (NCSD) is conducting this Privacy Impact Assessment (PIA) because personally identifiable information (PII) may be collected by the NCPS, or through submissions of known or suspected cyber threats received by the United States–Computer Emergency Readiness Team (US-CERT) for analysis. This PIA will serve as a replacement for previously published PIAs submitted by NSCD for the 24/7 Incident Handling Center (March 29, 2007), and the Malware Lab Network (May 4, 2010), and is a program-focused PIA to better characterize the efforts of NCPS and US-CERT.

  • DHS/CISA/PIA-029 Automated Indicator Sharing

    The Department of Homeland Security (DHS) National Protection and Programs Directorate’s (NPPD) Office of Cybersecurity and Communications (CS&C) has developed an Automated Indicator Sharing (AIS) initiative to enable the timely exchange of cyber threat indicators and defensive measures among federal and non-federal entities. These cyber threat indicators and defensive measures are shared consistent with the need to protect information systems from cybersecurity threats, mitigate cybersecurity threats, and comply with any other applicable provisions of law authorized by the Cybersecurity Information Sharing Act of 2015 (CISA) in a manner that ensures appropriate incorporation of privacy, civil liberties, and other compliance protections. Central to the AIS initiative and consistent with the requirements of CISA, the DHS National Cybersecurity and Communications Integration Center (NCCIC) serves as the centralized hub for exchanging cybersecurity threat information using a DHS-accredited infrastructure. NPPD is conducting this Privacy Impact Assessment (PIA) because personally identifiable information (PII) may be submitted as part of or accompanying a cyber threat indicator or defensive measure. This PIA updates and retires DHS/NPPD/PIA-029 Automated Indicator Sharing PIA, issued October 28, 2015.

  • DHS/CISA/PIA-030 Continuous Diagnostics and Mitigation (CDM)

    The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division (CSD) developed the Continuous Diagnostics and Mitigation (CDM) program to support government-wide and agency-specific efforts to implement adequate, risk-based, and cost-effective cybersecurity. CDM provides continuous monitoring, diagnostics, and mitigation tools and services to strengthen the security posture of participating federal civilian departments and agencies’ systems and networks through the establishment of a suite of capabilities that enables network security officials and administrators to know the state of their respective networks at any given time, informs Chief Information Officers (CIO) and Chief Information Security Officers (CISO) on the relative risks of threats, and makes it possible for government personnel to identify and mitigate vulnerabilities. This PIA Update is being conducted to assess the privacy risks related to the CDM Shared Service Platform, which makes CDM capabilities available for use by non-Chief Financial Officer (CFO) Act agencies. The Shared Service Platform is provided to non-CFO Act agencies using a third-party contractor to CISA that connects the agency’s network(s) to the platform. Additionally, this PIA Update examines the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) capability. The CDM AWARE capability allows participating agencies to better assess and prioritize cybersecurity risks by assigning a risk score to agency vulnerabilities.

  • DPIAC Recommendations Report 2012-01

    DPIAC Recommendations Report 2012-01

  • Highlighting Our Progress in 2011

    Secretary Napolitano highlighted DHS' progress in 2011, emphasizing major steps taken to enhance America's capabilities to guard against terrorism.

  • Loaned Executive Program Assignment Announcement for Senior Advisor, Financial Services Integration, CS&C

    The U.S. Department of Homeland Security (DHS) seeks to bring in one or more Loaned Executive(s) to advise the Office of Cybersecurity & Communications (CS&C) on the development and advancement of integration between the National Cybersecurity and Communications Integration Center (NCCIC) and the “financial services operation center.”

  • Securing the Internet of Things

    Securing the Internet of Things

  • DHS Strategic Industry Conversation

    Strategic Industry Conversations (SIC) are events that enable program area topic discussions between DHS leaders and industry.

  • White Paper on Computer Network Security & Privacy Protection

    In 2010, DHS issued a White Paper on Computer Network Security & Privacy Protection to provide an overview of the Department's cybersecurity responsibilities, the role of the EINSTEIN system in implementing those responsibilities, and the integrated privacy protections.

  • Memorandum on Preparing for Post-Quantum Cryptography

    This memorandum provides guidance to Component Heads to begin preparing for a transition from current cryptography standards to post-quantum encryption now to mitigate risks to data and mission functions.