The IT Law Wiki


The National Cybersecurity and Communications Integration Center (NCCIC), a division of the Office of Cybersecurity and Communications within the National Protection and Programs Directorate (NPPD), is the operational arm of NPPD and is responsible for providing full-time monitoring, information sharing, analysis, and incident response capabilities to protect Federal agencies' networks and critical infrastructure and key resources, such as industrial control systems.

The NCCIC was established in October 2009 to coordinate national response efforts and work directly with federal, state, local, tribal, and territorial governments and private-sector partners. It is the national 24-hours-a-day, 7-days-a-week operations center that is to provide situational awareness, multiagency incident response, and strategic analysis for issues related to cybersecurity and NS/EP communications.

It provides an integrated incident response facility to mitigate risks that could disrupt or degrade critical information technology functions and services, while allowing for flexibility in handling traditional voice and more modern data networks.

The unified operations center combines two of DHS's operational organizations: the U.S. Computer Emergency Readiness Team (US-CERT), which leads a public-private partnership to protect and defend the nation's cyber infrastructure, the National Coordinating Center for Telecommunications (NCC), the operational arm of the National Communications System, and the Industrial Control Systems CERT.

The Center:

During the ordinary course of operations, the NCCIC may receive classified CTIs, DMs and information relating to cybersecurity threats from other federal entities. Through its own analysis, or in consultation with federal or non-federal entities with appropriate security clearances, the NCCIC may identify a requirement to share the information more broadly than classification restrictions permit. In such cases, the NCCIC works with the originating federal entity to downgrade, sanitize, or otherwise declassify information for sharing with its stakeholders through indicator bulletins and other channels.

The NCCIC establishes standing critical information requirements so that its federal entity partners have a sense of the CTIs, DMs, and information relating to cybersecurity threats that are of the greatest interest to the NCCIC and its federal and non-federal entity stakeholders.


External resources[]