- What is US-CERT?
Established in September 2003, US-CERT is a public-private partnership charged
with improving computer security preparedness and response to cyber attacks in the United States. US-CERT is responsible for
- analyzing and reducing cyber threats and vulnerabilities
- disseminating cyber threat warning information
- coordinating incident response activities
US-CERT also provides a way for citizens, businesses, and other institutions to
communicate and coordinate directly with the United States government about cyber security.
- Why is US-CERT important?
US-CERT is the nation's focal point for preventing, protecting against, and responding to cyber security and vulnerabilities. US-CERT interacts with all federal agencies, private industry, the research community, state and local governments, and others on a 24x7 basis to disseminate reasoned and actionable cyber security information. To provide security information to the public, US-CERT
- integrates content contributed by numerous organizations from both the public and private sectors
- aggregates and analyzes the various types of data provided by contributing organizations
- serves as the focal point for promoting common and comprehensive analysis of security trends and risks
- maintains quality control standards and works to ensure technical accuracy as well as timeliness
- What is US-CERT's relationship to NCSD and DHS?
US-CERT is the operational arm of the National Cyber Security Division (NCSD) at the
Department of Homeland Security (DHS). The NCSD was established by DHS to serve as the federal government's cornerstone for cyber
security coordination and preparedness, including implementation of the National Strategy to Secure Cyberspace.
- What is the relationship between US-CERT and other groups with "CERT" in
their name?
Worldwide, there are more than 250 organizations that use the name "CERT" or a similar name and deal with cyber security response. The Department of Homeland security created US-CERT to be the "Computer Emergency
Readiness Team" with national responsibility for protecting the nation's information infrastructure by coordinating defense against and response to cyber attacks. US-CERT and the CERT Coordination Center at Carnegie Mellon University
work jointly on these activities. When a cyber security problem warrants it, US-CERT
coordinates a response by working with computer security experts. These experts include members of public and private state and local sector incident response teams.
- Where is US-CERT located?
US-CERT is located in Washington, DC and Pittsburgh, PA.
- Who runs US-CERT?
US-CERT is the operational arm of the National Cyber Security Division (NCSD) at the Department of Homeland Security. It is a public-private partnership. The Department of Homeland Security Cyber Security Chief, Amit Yoran, oversees the operation and administration of US-CERT.
- Who are US-CERT's partners?
As it grows, US-CERT will include partnerships with private sector cyber security vendors, academia, federal agencies, Information Sharing and Analysis Centers (ISACs), state and local governments, and domestic and international organizations. Working together, these groups will coordinate national and international efforts to address key cyber security issues.
- What is the National Cyber Alert System?
The National Cyber Alert System is America's first cohesive national cyber security system for identifying, analyzing, and prioritizing emerging vulnerabilities and threats. Managed by the US-CERT, the system relays computer security update and warning information to all users. It provides all citizens—from computer security professionals to home computer users with basic skills—with free, timely, actionable information to better secure their computer systems.
- How can the National Cyber Alert System help me? How do I subscribe?
The National Cyber Alert System provides valuable cyber security information to all
users. You can subscribe to free email lists through the US-CERT web site. The system sends
alerts and other cyber security information that provide guidelines and actions to help you to better secure your portion of cyberspace. You can receive any or all of the following document through email.
- Cyber Security Alerts: Available in two forms—regular for home users and advanced for technical users— Cyber Security Alerts provide timely information about security issues, vulnerabilities, and exploits currently occurring.
Sign up at www.us-cert.gov/cas.
- Cyber Security Tips: Written for non-technical home and corporate computer users, the bi-weekly Cyber Security Tips provide information on computer security best practices.
Sign up at www.us-cert.gov/cas.
- Cyber Security Bulletins: Written for technical audiences, Cyber Security
Bulletins provide weekly summaries of security issues, new vulnerabilities, potential impact, patches and workarounds, as well as actions recommended to mitigate risk.
Sign up at www.us-cert.gov/cas.
- How can US-CERT help me?
US-CERT gives you access to valuable educational resources as well as up-to-date computer security information through the National Cyber Alert System and the US-CERT web site.
- What is the Protected Critical Infrastructure Information (PCII) Program? How does the PCII Program protect submitted information?
The PCII Program, established in response to the Critical Infrastructure Information Act of 2002 (CII Act), creates a new framework for protecting certain types of information. The PCII program enables members of the private sector to, for the first time, voluntarily submit confidential information regarding the nation's critical infrastructure to the Department of Homeland Security (DHS) with the assurance that the information will be protected from public disclosure. More details about how information can be protected under the CII Act, can be found on the Department of Homeland Security web site.
- What is US-CERT's privacy policy?
The US-CERT web site contains a full description of our privacy policy.