Department of Homeland Security
- US-CERT Operations
- Incident & Event Summary
- 38 pages
- For Official Use Only
- May 8, 2007
The National Cyber Security Division (NCSD) United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security (DHS) and the public and private sectors. Established in 2003 to protect the nation’s internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation. The organization interacts with federal agencies, state and local governments, industry professionals, and others to improve information sharing and incident response coordination and to reduce cyber threats and vulnerabilities.
This report is intended to provide an overview of the incident and event trends observed by US -CERT impacting Department of Defense (DOD).
The Federal Information Security Management Act (FISMA) of 2002 requires all agencies to report security incidents to the US-CERT. A computer incident within the federal government, as defined by NIST Special Publication 800-61 is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices. In order to maintain standard reporting nomenclature and meaningful reporting metrics, US-CERT utilizes the incident and event categories defined in Table 1 and Table 2 below.