Official website of the Department of Homeland Security
What is ICS-CERT's mission?
The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) includes the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), whose mission is to guide a cohesive effort between government and industry to improve the cyber security posture of control systems within the nation's critical infrastructure. NCCIC/ICS-CERT assists control systems vendors and asset owners/operators to identify security vulnerabilities and develop sound mitigation strategies that strengthen their cyber security posture and reduce risk.
What are the US critical infrastructure sectors?
Presidential Policy Directive 21 (PPD-21), National Infrastructure Protection Plan (NIPP), and federal policies identified and categorized U.S. critical infrastructure into the following 16 critical infrastructure sectors:
- Chemical
- Commercial Facilities
- Communications
- Critical Manufacturing
- Dams
- Defense Industrial Base
- Emergency Services
- Energy
- Financial Services
- Food and Agriculture
- Government Facilities
- Healthcare and Public Health
- Information Technology
- Nuclear Reactors, Materials, and Waste
- Transportation Systems
- Water and Wastewater Systems
How does ICS-CERT coordinate work with other government stakeholders?
ICS-CERT has established the Control Systems Security Working Group (CSSWG), which provides a forum for federal stakeholders through which the federal government can communicate and coordinate its efforts to improve control systems cyber security in critical infrastructure. These efforts foster interaction and collaboration between and among federal departments and agencies regarding control systems cyber security initiatives.
The CSSWG teams individuals from various federal departments and agencies who have roles and responsibilities involved with securing industrial control systems within US critical infrastructure. Because many cyber security challenges are similar from sector to sector, this collaborative effort benefits the nation by promoting and leveraging existing work and maximizing efficient resource use.
How is the ICS-CERT working with industry?
ICS-CERT partners with members of the control systems community to help develop and vet recommended practices, provide guidance in support of ICS-CERT incident response capability, and participate in leadership working groups to ensure the community's cyber security concerns are considered in our products and deliverables.
ICS-CERT facilitates discussions between the federal government and the control systems vendor community, establishing relationships that foster an collaborative environment in which to address common control systems cyber security issues. ICS-CERT is also developing a suite of tools, which will provide asset owners and operators with the ability to measure the security posture of their control systems environments and to identify the appropriate cyber security mitigation measures they should implement.
How does the program protect submitted information?
The DHS Protected Critical Infrastructure Information Program (PCII Program) was established in response to the Critical Infrastructure Information Act of 2002 (CII Act). The PCII Program creates a new framework for protecting certain types of information. The PCII program enables members of the private sector to, for the first time, voluntarily submit confidential information regarding the nation's critical infrastructure to DHS with the assurance that the information will be protected from public disclosure.
All work performed by associated national laboratories is protected through contractual agreements. These agreements protect proprietary information, allowing it to be viewed securely and only by individuals performing work related to each project.
How can I participate?
ICS-CERT's success depends on the active involvement of the control systems community to provide insight for the program. Many opportunities exist to participate in this important work, including helping with standards bodies, industry work groups, and various forums.
Control systems community submissions of cyber incidents and vulnerabilities to ICS-CERT is essential to its ability to provide national level situational awareness for the the nation's critical control systems cyber security status. Submissions can be made through the ICS-CERT Web site Home page.
How do I contact the ICS-CERT?
If you would like to contact ICS-CERT please send inquiries to:
Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
Email: [email protected]
Phone (US): 1-877-776-7585 (US only); 1-208-526-0900 (International)
Postal Address:
ICS-CERT
US Department of Homeland Security
Mail Stop 8500
245 Murray Lane, SW, Building 410
Washington, DC 20528