The United States depends on Critical Infrastructure to support national defense, public health and safety, economic vitality, and overarching society well-being. Disruptions or significant damage to Critical Infrastructure could result in potentially catastrophic and cascading consequences to the Nation. Here’s what DHS does during an incident against critical information technology systems.
- The Secretary of Homeland Security is the principal Federal official for domestic incident management.
- Coordinates the Federal Government’s resources to be utilized in response to, or recover from terrorist attacks, major disasters, or other emergencies.
National Protection and Programs Directorate
- The National Cybersecurity and Communications Integration Center (NCCIC) is a 24/7 cyber situational awareness, incident response, and management center that is the national nexus of cyber and communications integration for the Federal Government, intelligence community, and law enforcement.
- NCCIC’s watch floor operations are the primary point of threat, vulnerability, and incident detection.
- NCCIC’s watch floor operations provide all aspects of incident response services, including digital media analysis and onsite response; recover and mitigation support; vulnerability coordination and disclosure.
- NCCIC maintains situational awareness alerts and advisories to warn of cyber threats affecting the nation’s critical infrastructure.
- The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)—part of the NCCIC—works closely with government at all levels and the private sector to coordinate, share capabilities, and tools that help control systems owners and operators prevent, protect against, mitigate and respond to cyber threats and incidents.
United States Immigration and Customs Enforcement (ICE)
- ICE’s Cyber Crimes Center (C3) supports federal, state, local and international law enforcement agencies.
- C3’s computer forensics laboratory recovers digital evidence from computers and other devices that may have been used in intrusions.
United States Secret Service (USSS)
- Secret Service’s Electronic Crimes Task Forces focus on identifying and locating international cyber criminals connected to cyber intrusions, bank fraud, data breaches, and other computer related crimes.
- Secret Service’s Cyber Intelligence Section develops intelligence that directly contributes to the arrest of transnational cyber criminals.