U.S. Cyber Incident Reporting

Posted by BAS - 25 August, 2016

header-picture

The United States Department of Homeland Security, the main government agency responsible for responding to a significant cyber incident, released guidelines for reporting cyber incidents to the federal government.

A cyber incident is defined as an event that could jeopardize the confidentiality, integrity or availability of digital information. DHS recommends reporting incidents that could:

  • result in a significant loss of data, system availability, or control of systems;
  • impact a large number of victims;
  •  indicate unauthorized access to, or malicious software present on, critical information technology systems;
  • affect critical infrastructure or core government functions; or
  • impact national security, economic security, or public health and safety

Reports should be made to the local field office of federal law enforcement agencies, or to one of the following agencies

  • FBI
  • National Cybersecurity and Communications Integration Center (NCCIC)
  • National Cyber Investigative Joint Task Force
  • United States Secret Service
  • United States Immigration and Customs Enforcement / Homeland Security Investigations (ICE/HSI).
Upon receiving a report of a cyber incident, the government will focus on threat response and asset response.

Recent Posts

Question of the Week

read more

White House Cybersecurity Memo

read more

Claim Submission Process in MyEnroll360

read more