The IT Law Wiki


The National Cyber Response Coordination Group (NCRCG) is the principal federal interagency mechanism for coordinating the preparation for and response to significant cyber incidents, such as a major Internet disruption, and includes members from 19 federal departments and agencies.[1] In the event of a cyber-related Incident of National Significance requiring federal response and interagency coordination, it serves as the Federal Government's principal interagency mechanism for operational information-sharing and coordination of Federal response and recovery efforts during a cyber incident.

NCRCG member agencies use their established relationships with the private sector and State, local, tribal, and territorial governments to facilitate cyber incident management, develop courses of action, and devise appropriate response and recovery strategies. NCRCG facilitates coordination of the Federal Government's efforts to prepare for, respond to, and recover from cyber incidents and physical attacks that have significant cyber consequences.

Domestic activities[]

The NCRCG performs the following functions:

  • Provides input to member agency and department heads and the IIMG on cybersecurity issues;
  • Assists in reviewing threat assessments and providing strategic situational awareness and decision support across the national cyber incident management spectrum, including prevention, preparedness, response, and recovery;
  • Synthesizes information, frames policy issues, and recommends actions — including use or allocation of federal resources — for agency and department heads, the IIMG, and other appropriate officials; and
  • As appropriate, supports the Executive Office of the President.

During actual or potential Incidents of National Significance, the NCRCG coordinates with the Homeland Security Operations Center (HSOC) in disseminating critical information to and from government and non-government sources, such as information-sharing mechanisms, academia, industry, and the public. The NCRCG leverages existing resources of DHS/IAIP/NCSD/U.S. Computer Emergency Readiness Team (US-CERT) in this coordination and outreach activity.

International activities[]

The NCRCG consults with international partners for routine situational awareness and during incidents. NCRCG member agencies integrate their capabilities to facilitate assessment of the domestic and international scope and severity of a cyber incident.