Cyber Security Policy

DHS Cyber Overview

The National Cybersecurity & Communications Integration Center (NCCIC), within the Office of Cybersecurity and Communications, serves as a centralized location where operational elements involved in cybersecurity and communications reliance are coordinated and integrated. NCCIC partners include all federal departments and agencies; state, local, tribal, and territorial governments; the private sector; and international entities.

NCCIC Mission

To operate at the intersection of the private sector, civilian, law enforcement, intelligence, and defense communities, applying unique analytic perspectives, ensuring shared situational awareness, and orchestrating synchronized response efforts while protecting the Constitutional and privacy rights of Americans in both the cybersecurity and communications domains.

C3OIC engages in planning, coordination, and integration capabilities to synchronize analysis, information sharing, and incident response efforts across the NCCIC’s branches and activities.

US-CERT brings advanced network and digital media analysis expertise to bear on malicious activity targeting our nation’s networks.

ICS-CERT reduces risk to the nation’s critical infrastructure by strengthening control systems security through public-private partnerships.

NCC leads and coordinates the initiation, restoration, and reconstitution of NS/EP telecommunications services or facilities under all conditions.


Bush signs Presidential Directive 7 creating the Critical Infrastructure Protection Policy Coordinating Committee

1996Critical Foundations, Protecting America’s Infrastructures – The Report of the President’s Commission on Critical Infrastructure Protection
1997PCCIP report released, highlighting government role in monitoring and disseminating latest-threat information to cyber companies
1998National Infrastructure Protection Center (NIPC) is created
1998Presidential Decision Directive (PPD) No. 63 to implement National Infrastructure Assurance Plan
1999National Infrastructure Assurance Council (NIAC) established by Clinton via Executive Order 13130, it is later rescinded by Bush before the council can convene
1999National Plan for Information Systems Protection Version 1.0 released by Clinton
2001The Patriot Act is signed by Bush and includes definition of critical infrastructure
Bush signs Executive Order 13228, establishing the Office of Homeland Security and the Homeland Security Council
Executive Order 13231-Critical Infrastructure Protection in the Information Age, signed by Bush, re-creates NIAC
2002First National Strategy for Homeland Security released
2003The National Strategy to Secure Cyberspace released
2005Interim National Infrastructure Protection Plan released
2006The Critical Infrastructure Partnership Advisory Council (CIPAC) is created by DHS in cooperation with private industry
National Infrastructure Protection Plan (NIPP)
Air Force Cyber Command created
2009Cybersecurity Policy Review completed by NSA and DHS
2011Cybersecurity Legislative Proposal released by the Obama administration
2012Cybersecurity Act of 2012 bill released
Presidential Policy Directive 20, secretly signed by President Obama in mid-October, is designed to thwart cyberattacks
20132013 White House Cybersecurity Executive Order released

Various Agency Cyber Security Policies, Directives, Memorandums, Etc.

Department of Defense

DTIC Policy and Flowchart

Defense Industrial Base (DIB) Cyber Security/Information Assurance (CS/IA)

DoD Strategy for Operating in Cyberspace

DoD Press Releases (Has a lot of good information

DoD Cyber Range


Policy Capture

Cyber Security for DoD

DoD Slidshare

Department of Homeland Security

Overview of DHS

DHS Cyber Blue Print

DHS Mission

” Open Source is the source of first resort. “

Alex Voultepsis, CTO EEIC & CIO ODNI