The National Protection Programs Directorate (NPPD) is primarily responsible for fulfilling the DHS national, non-law enforcement cybersecurity missions. Within NPPD, the Office of Cybersecurity and Communications is responsible for the implementation of the Enhanced Cybersecurity Services program. Our overall objective was to determine the effectiveness of the Enhanced Cybersecurity Services program to disseminate cyber threat and technical information with the critical infrastructure sectors through ommercial service providers. NPPD has made progress in expanding the Enhanced cybersecurity Services program. For example, as of May 2014, 40 critical infrastructure entities participate in the program. Additionally, 22 companies have signed memorandums of agreement to join the program. Further, NPPD has established the procedures and guidance required to carry out key tasks and operational aspects of the program, including an in depth security validation and accreditation process. NPPD has also addressed the privacy risk associated with the program by developing a Privacy Impact Assessment. Finally, NPPD has engaged sector specific agencies and government furnished information providers to expand the program, and has developed program reporting and metric capabilities to monitor the program.
Implementation Status of the Enhanced Cybersecurity Services Program