Overview[]
"The National Cyber Risk Alert Level system (NCRAL) determines when a Significant Cyber Incident is occurring and categorizes risks to critical systems into four alert levels: guarded, elevated, substantial, and severe. The NCRAL level is determined by examining the observed or potential consequences of cyber threats, vulnerabilities, or events related to national security, public safety, the economy, public confidence, or combinations of these factors. The existence of these conditions is established through use of the common operational picture provided by the NCCIC, an examination of the potential consequences of cyber incidents, and the input of NCCIC partners, among other inputs. The NCCIC shifts into Significant Cyber Incident Response when the NCRAL level reaches the substantial or severe levels. The NCRAL 'substantial' alert level occurs when there is 'observed or imminent degradation of critical functions with a moderate to significant level of consequences, possibly coupled with indicators of higher levels of consequences impending.' The 'severe' alert level occurs when 'highly disruptive levels of consequences are occurring or imminent.' While the NCRAL is not accessible outside of government, the United States Computer Emergency Readiness Team (US-CERT) maintains a similar National Cyber Alert System that provides situational awareness about risk levels to the public."[1]