The IT Law Wiki


The National Cyberspace Security Response System (NCSRS) is a public-private architecture, coordinated by the Department of Homeland Security, for analyzing and warning; managing incidents of national significance; promoting continuity in government systems and private sector infrastructures; and increasing information sharing across and between organizations to improve cyberspace security.

The National Cyberspace Security Response System includes governmental entities and nongovernmental entities, such as private sector information sharing and analysis centers (ISACs).

Purposes and goals[]

The fact that the vast majority of cyberspace is neither owned nor operated by any single group — public or private — presents a challenge for creating a National Cyberspace Security Response System. There is no synoptic or holistic view of cyberspace. Therefore, there is no panoramic vantage point from which we can see attacks coming or spreading. Information that indicates an attack has occurred (e.g., worms, viruses, denial-of-service attacks) accumulates through many different organizations. However, there is no organized mechanism for reviewing these indicators and determining their implications.

To mitigate the impact of cyberattacks, information about them must disseminate widely and quickly. Analytical and incident response capabilities that exist in numerous organizations could be coordinated to determine how to best defend against an attack, mitigate effects, and restore service.

Establishing a proper administrative mechanism for the National Cyberspace Security Response System presents another challenge. Unlike the U.S. airspace-monitoring program during the Cold War, individuals who operate the systems that enable and protect cyberspace usually are not federal employees. Thus, the National Cyberspace Security Response System must operate from a less formal, collaborative network of governmental and nongovernmental organizations.

Role of the Department of Homeland Security[]

DHS is responsible for developing the National Cyberspace Security Response System, which includes:

  • Providing crisis management support in response to threats to, or attacks on, critical information systems; and
  • Coordinating with other agencies of the federal government to provide specific warning information, and advice about appropriate protective measures and countermeasures, to state and local government agencies and authorities, the private sector, other entities, and the public.

DHS will lead and synchronize efforts for the National Cyberspace Security Response System as part of its overall information sharing and crisis coordination mandate; however, the system itself will consist of many organizations from both government and private sectors.

The authorizing legislation for the Department of Homeland Security also created the position of a privacy officer to ensure that any mechanisms associated with the National Cyberspace Security Response System appropriately balance its mission with civil liberty and privacy concerns. This officer will consult regularly with privacy advocates, industry experts, and the public at large to ensure broad input and consideration of privacy issues so that we achieve solutions that protect privacy while enhancing security.

Among the system components are existing federal programs and new federal initiatives pending budget-review consideration, as well as initiatives recommended for state and local governmental and private partners.