Overview[]
The U.S. Department of Homeland Security (DHS) Control Systems Security Program (CSSP) developed the Industrial Control Systems-Cyber Emergency Response Team (ICS-CERT) to reduce control system cybersecurity risks within and across all critical infrastructure sectors.
The ICS-CERT provides recognized cyber incident response and analysis capabilities, addresses the security, threat, and awareness issues unique to control systems, and provides a means to share information across all CIKR.
The ICS-CERT provides a control system security focus in collaboration with US-CERT and the private sector critical infrastructure by expanding the technical and response capabilities and coordination for situational awareness, incident response, and vulnerability management. The focus on control systems cybersecurity provides a direct path for coordination of US-CERT activities with the stakeholders; recognizing that control system security issues are unique.
The ICS-CERT responds to and analyzes cyber threats and control systems incidents, conducts vulnerability and malware analysis, and provides on-site support for forensic investigations and analysis. The ICS-CERT shares and coordinates vulnerability information and threat analysis through actionable information products and alerts.
The ICS-CERT provides more efficient coordination of control systems-related security incidents and information sharing with federal, state, and local agencies and organizations, the Intelligence Community, private sector constituents including vendors, owners and operators, and international and private sector CERTs.