What is the NCCIC ICS mission?
The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) includes a mission to promote a cohesive effort between government and industry to improve the cyber security posture of industrial control systems (ICS) within the nation's critical infrastructure. NCCIC assists control systems vendors and asset owners/operators to identify security vulnerabilities and develop sound mitigation strategies that strengthen their ICS cyber security posture and reduce risk.
What are the US critical infrastructure sectors?
Presidential Policy Directive 21 (PPD-21), National Infrastructure Protection Plan (NIPP), and federal policies identified and categorized U.S. critical infrastructure into the following 16 critical infrastructure sectors:
- Commercial Facilities
- Critical Manufacturing
- Defense Industrial Base
- Emergency Services
- Financial Services
- Food and Agriculture
- Government Facilities
- Healthcare and Public Health
- Information Technology
- Nuclear Reactors, Materials, and Waste
- Transportation Systems
- Water and Wastewater Systems
How does the NCCIC ICS team coordinate work with other government stakeholders?
NCCIC established the Control Systems Security Working Group (CSSWG), which provides a forum for federal stakeholders through which the federal government can communicate and coordinate its efforts to improve control systems cyber security in critical infrastructure. These efforts foster interaction and collaboration between and among federal departments and agencies regarding control systems cyber security initiatives.
The CSSWG teams individuals from various federal departments and agencies who have roles and responsibilities involved with securing industrial control systems within US critical infrastructure. Because many cyber security challenges are similar from sector to sector, this collaborative effort benefits the nation by promoting and leveraging existing work and maximizing efficient resource use.
Who are NCCIC’s partners?
NCCIC exchanges information across the global cyber security community to improve the security of the Nation’s critical infrastructure and the systems and assets on which Americans depend. Partners with which NCCIC may share anonymized information include U.S. federal agencies, private sector organizations, the research community, SLTT governments, and international entities.
What other services does NCCIC offer?
NCCIC stakeholders include the Federal Government; state, local, tribal, and territorial (SLTT) governments; the
private sector; and international partners. All services listed in the below menus are available at no cost.
NCCIC Service Menus
- Federal Government
- Private Industry Partners
- State, Local, Tribal, and Territorial Governments
- International Partners
What types of informational products does NCCIC offer? How do I sign up to receive these products?
NCCIC shares timely, actionable information to the broadest extent possible.
Subscriptions are available to all users for:
- Advisories, containing a summary current security issues, vulnerabilities, and exploits.
- Alerts, of provides timely notification to critical infrastructure owners and operators concerning threats or activity with the potential to impact critical infrastructure computing networks.
To receive one or more NCCIC products via email, visit our Mailing Lists and Feeds webpage.
NCCIC also co-sponsors the NVD—the U.S. Government’s repository of standards-based vulnerability management data.
What happens if I share my info with NCCIC?
As a global information exchange hub, NCCIC bears a significant responsibility to protect the information we receive and to ensure we safeguard privacy, business confidentiality, civil rights, and civil liberties. We take this responsibility extremely seriously and we do everything in our power to earn our stakeholders’ trust by maintaining the confidentiality of sensitive information.
NCCIC routinely leverages the information sharing Traffic Light Protocol (TLP). TLP is not a classification tool, rather an intuitive schema to guide distribution according to relative risk.
The NCCIC also serves as the Federal Government’s capability and process for receiving cyber threat indicators and defensive measures from non-federal entities under the Cybersecurity Information Sharing Act of 2015. Non-federal entities sharing cyber threat indicators and defensive measures with the NCCIC in compliance with CISA’s requirements are eligible for multiple protections spelled out in CISA. These include:
- Liability protection for sharing cyber threat indicators.
- Exemption from disclosure under state and federal disclosure laws, including the Freedom of Information Act (FOIA).
- Exemption from state and federal regulatory uses.
- No waiver of applicable privileges, such as the attorney-client privilege.
- Treatment as commercial, financial, or proprietary information when so designated by the submitter.
- Ex parte communications waiver.
- Exemption from federal antitrust laws.
For more information, consult the Non-Federal Entity Sharing Guidance under the Cybersecurity Information Sharing Act of 2015, posted at https://www.us-cert.gov/ais.
In addition, entities can submit information for protection under the Critical Infrastructure Information Act of 2002. Once validated by DHS as Protected Critical Infrastructure Information (PCII), this information is protected from:
- Exemption from disclosure under state and federal disclosure laws, including the Freedom of Information Act (FOIA),
- Protection from use in regulatory actions, and
- Protection from use in civil litigation.
Only trained and certified federal, state, and local government employees or contractors may access PCII and only in accordance with strict safeguarding and handling requirements. In all instances, NCCIC prioritizes the security and privacy of information when sharing with its partners.
I work within the ICS community, and I am interested in joining the NCCIC team. How do I find information about opportunities at NCCIC?