The National Cyber Security Division (NCSD) is a division of the Office of Cyber Security & Communications, within the United States

United States

The United States of America is a federal constitutional republic comprising fifty states and a federal district...

 Department of Homeland Security

United States Department of Homeland Security

The United States Department of Homeland Security is a cabinet department of the United States federal government, created in response to the September 11 attacks, and with the primary responsibilities of protecting the territory of the United States and protectorates from and responding to...

's Directorate for National Protection and Programs. Formed from the Critical Infrastructure Assurance Office, the National Infrastructure Protection Center, the Federal Computer Incident Response Center, and the National Communications System

National Communications System

The National Communications System is an office within the United States Department of Homeland Security charged with enabling national security and emergency preparedness communications using the national telecommunications system.-Background and history:The genesis of the NCS began in 1962...

, NCSD opened on June 6, 2003. The NCSD mission is collaborate with the private sector, government, military, and intelligence stakeholders to conduct risk assessments and mitigate vulnerabilities and threats to information technology assets and activities affecting the operation of the civilian government and private sector critical cyber infrastructures. NCSD also provides cyber threat and vulnerability analysis, early warning, and incident response assistance for public and private sector constituents. NCSD carries out the majority of DHS’ responsibilities under the Comprehensive National Cybersecurity Initiative

Comprehensive National Cybersecurity Initiative

The Comprehensive National Cybersecurity Initiative was established by President George W. Bush in National Security Presidential Directive 54/Homeland Security Presidential Directive 23 in January 2008. The initiative outlines U.S...

. The FY 2011 budget request for NCSD is $378.744 million and includes 342 federal positions. The current director of the NCSD is Bobbie Stempfley, former chief information officer for the Defense Information Systems Agency

Defense Information Systems Agency

The Defense Information Systems Agency is a United States Department of Defense agency that provides information technology and communications support to the President, Vice President, Secretary of Defense, the military Services, and the Combatant Commands.As part of the Base Realignment and...

.

Strategic Objectives and Priorities

Strategic Objectives

To protect the cyber infrastructure, NCSD has identified two overarching objectives:

• To build and maintain an effective national cyberspace response system.
• To implement a cyber-risk management program for protection of critical infrastructure.

Priorities

• Continued development of the EINSTEIN
  Einstein (US-CERT program)
  Einstein is an intrusion detection system that monitors the network gateways of government departments and agencies in the United States for unauthorized traffic...
  
   system’s capabilities as a critical tool in protecting the Federal Executive Branch civilian departments and agencies.
• Development of the National Cyber Incident Response Plan (NCIRP) in full collaboration with the private sector and other key stakeholders. NCIRP ensures that all national cybersecurity partners understand their roles in cyber incident response and are prepared to participate in a coordinated and managed process.
• Increase the security of automated control systems that operate elements of our national critical infrastructure.

Organization

NCSD is funded through the following three Congressionally appropriated Programs, Projects and Activities (PPA): United States Computer Emergency Readiness Team

United States Computer Emergency Readiness Team

The United States Computer Emergency Readiness Team is part of the National Cyber Security Division of the United States' Department of Homeland Security....

 (US-CERT), Strategic Initiatives, and Outreach and Programs:

• US-CERT leverages technical competencies in federal network operations and threat analysis centers to develop knowledge and knowledge management practices. US-CERT provides a single, accountable focal point to support federal stakeholders as they make key operational and implementation decisions and secure the Federal Executive Branch civilian networks. It does so through a holistic approach that enables federal stakeholders to address cybersecurity challenges in a manner that maximizes value while minimizing risks associated with technology and security investments. Further, US-CERT analyzes threats and vulnerabilities, disseminates cyber threat warning information, and coordinates with partners and customers to achieve shared situational awareness related to the Nation’s cyber infrastructure. US-CERT funds also support the development, acquisition, deployment, and personnel required to implement the National Cybersecurity Protection System (NCPS), operationally known as EINSTEIN
  Einstein (US-CERT program)
  Einstein is an intrusion detection system that monitors the network gateways of government departments and agencies in the United States for unauthorized traffic...
  
  . The EINSTEIN Program is an automated intrusion detection system for collecting, correlating, analyzing, and sharing computer security information across the federal government to improve our Nation’s situational awareness. EINSTEIN
  Einstein (US-CERT program)
  Einstein is an intrusion detection system that monitors the network gateways of government departments and agencies in the United States for unauthorized traffic...
  
   is an early warning system that monitors the network gateways of Federal Executive Branch civilian departments and agencies for malicious cyber activity. DHS is deploying EINSTEIN
  Einstein (US-CERT program)
  Einstein is an intrusion detection system that monitors the network gateways of government departments and agencies in the United States for unauthorized traffic...
  
   1 and 2 systems in conjunction with the federal TIC initiative, which optimizes network security capabilities into a common solution for the Federal Executive Branch and facilitates the reduction and consolidation of external connections, including Internet points of presence, through approved access points.
  • The National Cyber Security Center
    National Cyber Security Center
    The National Cybersecurity Center is an office within the United States Department of Homeland Security created in March 2008, and is based on the requirements of National Security Presidential Directive 54/Homeland Security Presidential Directive 23 , reporting directly to DHS Secretary Janet...
    
     (NCSC) is a component of US-CERT’s budget. The NCSC fulfills its presidential mandate as outlined in National Security Presidential Directive 54/Homeland Security Presidential Directive 23 in ensuring that federal agencies can access and receive information and intelligence needed to execute their respective 7 cybersecurity missions. The NCSC accomplishes this through the following six mission areas: Mission Integration, Collaboration and Coordination, Situational Awareness and Cyber Incident Response, Analysis and Reporting, Knowledge Management, and Technology Development and Management, each supported by developing NCSC programs and capabilities.

• Strategic Initiatives enables NCSD to establish mechanisms for federal partners to deploy standardized tools and services at a reduced cost, paving the way for a collaborative environment that enables the sharing of best practices and common security challenges and shortfalls. In addition, Strategic Initiatives enables NPPD to develop and promulgate sound practices for software developers, IT security professionals, and other CIKR stakeholders; it also enables collaboration with the public and private sectors to assess and mitigate risk to the nation’s cyber CIKR.

• Outreach and Programs promotes opportunities to leverage the cybersecurity investments of public and private industry partners. This PPA encourages cybersecurity awareness among the 8 general public and within key communities, maintains relationships with government cybersecurity professionals to share information about cybersecurity initiatives, and develops partnerships to promote collaboration on cybersecurity issues. Outreach and Programs enables governance and assistance in setting policy direction and establishes resource requirements for NCSD’s complex activities.

Early Leadership Turnover

NCSD has been plagued by leadership problems, having had multiple directors that resign after serving only short terms, or potential candidates for the position of director who refuse the position. As chair of the pre-existing Counter-terrorism Security Group, Richard Clarke

Richard A. Clarke

Richard Alan Clarke was a U.S. government employee for 30 years, 1973–2003. He worked for the State Department during the presidency of Ronald Reagan. In 1992, President George H.W. Bush appointed him to chair the Counter-terrorism Security Group and to a seat on the United States National...

 was initially offered the position of director of the NCSD, but refused citing concerns that there would be too many bureaucratic layers between him and Homeland Security director Tom Ridge

Tom Ridge

Thomas Joseph "Tom" Ridge is an American politician who served as a member of the United States House of Representatives , the 43rd Governor of Pennsylvania , Assistant to the President for Homeland Security , and the first United States Secretary of Homeland Security...

. Robert Liscouski ran the division initially while a permanent director was sought and continued on as Assistant Director until February 2005. Amit Yoran

Amit Yoran

Amit Yoran was the National Cyber Security Division director within the United States Department of Homeland Security. He took up the post in September 2003 and resigned in October 2004....

 became director of NCSD in September 2003 and helped set up the division, but after only a year in the job, left abruptly in October 2004. One of the division's deputy directors, Andy Purdy, assumed the position of interim director within a week of Yoran's departure. In 2006 upon Andy Purdy's departure Jerry Dixon took on the role as Acting Director in December 2006 till officially appointed to the position as Executive Director in January 2007. Upon Dixon's departure in September 2007 Mcguire took on the role of Acting Director until March 2008 which the USSS assigned Cornelius Tate to be the current Director of NCSD.

An audit of the division, conducted by DHS's inspector general Clark Kent Ervin, cast a negative view on the division's first year. Although the report praised the formation of the U.S. Computer Emergency Readiness Team (US-CERT) and the National Cyber Alert System

National Cyber Alert System

The National Cyber Alert System is an email and RSS notification service for the United States sent by the United States Computer Emergency Readiness Team , which is part of the National Cyber Security Division of the United States Department of Homeland Security...

, the division received criticism for failing to set priorities, develop strategic plans and provide effective leadership in cyber security issues.

External links

• National Cybersecurity Division webpage