The Office of Cybersecurity and Communications (CS&C), a component of the National Protection and Programs Directorate within Department of Homeland Security, has the mission of assuring the security, resiliency, and reliability of the nation's cyber and communications infrastructure.
CS&C is responsible for developing and collecting FISMA metrics, in conjunction with the Office of Management and Budget, that are submitted either annually or quarterly by the Office of the Chief Information Officer (OCIO) and Office of Inspector General (OIG) at each agency. In addition, Federal agencies are required to provide monthly information security and vulnerability data feeds through a web-based application, CyberScope, allowing for improved risk-management decisions and increased situational awareness.
CS&C actively engages the public and private sectors as well as international partners to prepare for, prevent, and respond to catastrophic incidents that could degrade or overwhelm these strategic assets.
CS&C works to prevent or minimize disruptions to U.S. critical information infrastructure in order to protect the public, economy, government services, and the overall security of the United States. It does this by supporting a series of continuous efforts designed to further safeguard federal government systems by reducing potential vulnerabilities, protecting against cyber intrusions, and anticipating future threats.
CS&C analyzes information that is specific to identifying known or suspected cyber threats from a number of sources in the form of "indicators" (e.g., Internet Protocol (IP) addresses, domains, e-mail headers, files, and strings). These "indicators" can be used to create intrusion detection signatures or other means of detecting and mitigating cyber threats.
Sources for the collection of these indicators include: cybersecurity analysis activities conducted by DHS; domestic and international private sector organizations; and international, federal, or state agencies with a vested interest in promoting cybersecurity. Indicators about known or suspected cyber threats may also be collected from information gathered by the EINSTEIN sensors placed on Federal civilian Executive Branch agency network collection points.
CS&C carries out its mission through its five divisions:
- Office of Emergency Communications
- National Cybersecurity and Communications Integration Center
- Stakeholder Engagement and Cyber Infrastructure Resilience
- Federal Network Resilience
- Network Security Deployment
In addition, CS&C operates the Enterprise Performance Management Office, which ensures that the Assistant Secretary's strategic goals and priorities are reflected across all CS&C programs; measures the effectiveness of initiatives, programs, and projects that support those goals and priorities; and facilitates cross-functional mission coordination and implementation between CS&C components, within DHS, and among the interagency.
- Participates in ITU-T's cybersecurity and telecommunications standards study group efforts as a member of U.S. delegations.
- Participates in ITU-D's cybersecurity capacity-building study group efforts (such as national cybersecurity best-practices guides and cybersecurity self-assessment tools) as a member of U.S. delegations.
- Engages multi-national companies to develop key practices that mitigate risk to the global supply chain.
- Co-sponsors an international academic working group reviewing international standards for information assurance education.
- Conducts large-scale cybersecurity exercises, such as Cyber Storm, with international partners to improve incident response and coordination capabilities.
- Participates in FIRST.
- Coordinates the development of incident response standard operating procedures for the International Watch and Warning Network (IWWN) — a government-to-government forum. The network was established in 2004 to foster international collaboration on addressing cyber threats, attacks, and vulnerabilities, and enhancing global cyber situational awareness and incident response capabilities.
- Serves on the Steering Committee for the Meridian Process and serves as chair of the Meridian Process Control Systems Information Exchange.
- Serves as the Deputy Co-Convener of the cybersecurity-focused biannual meetings of APEC TEL’s Security and Prosperity Steering Group; promotes cybersecurity exercises, awareness raising, and other topics by convening and participating in APEC TEL workshops; directly participates in APEC TEL meetings as a member of U.S. delegations.
- Advises on the OECD's WPISP efforts as a member of U.S. delegations.
- Participates in OAS-CICTE efforts to advance cybersecurity and develop cyber incident response teams across the hemisphere and promote regional capacity-building.
- Participates in OAS-CITEL cybersecurity standards efforts as a member via the U.S. mission (including workplan development and increasing the level of training).
- Participated in the 2009 Organization for Security and Co-operation in Europe meeting focused on cybersecurity.
- Engages in bilateral and multilateral relationships with foreign countries including information sharing on issues of mutual concern and operations; exchanging good practices; collaborating on the development of mitigation measures; and coordination of watch, warning, and incident response efforts.
- Provides cybersecurity-related training to developing nations at the U.S. Telecommunication and Training Institute.
- Provides subject matter expertise to the NATO Civil Communications Planning Committee on programs/activities that address cybersecurity.
- Participates in international efforts via the International Sub-IPC. Provides control systems security training to developed and developing nations.