The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) provides a variety of operational capabilities to ensure that critical infrastructure across the nation continues to operate as designed and is well secured. These efforts require continual vigilance and innovative responses to address emerging challenges at a global level. ICS-CERT brings together a community of critical infrastructure stakeholders who work together to improve the national cybersecurity posture and address future needs.
ICS-CERT employs an adaptable and repeatable process to ensure that ICS-CERT vendors, operators, and owners across the country can organize response efforts to address a variety of cybersecurity risks based on their unique needs and capabilities. This framework is not based on a one-size-fits-all organizational construct. Instead, it acknowledges the concept of tiered response, which emphasizes that response to cybersecurity incidents, and should be handled at the right level to support the critical infrastructure sector owner, operator, or vendor.
ICS-CERT operations in this publicaton are described by the attributes that support its scalable, flexible, and adaptable coordinating structures. The program has roles and responsibilities which include integrating capabilities across the whole community, local, state, tribal, territorial, and federal governments in support of response to actual and potential cybersecurity incidents.