Department of Homeland Security

Ensuring the Nation’s Cybersecurity Is a Whole-of-Government Effort

Over the past couple of decades, our nation’s reliance on the internet and its associated infrastructures and technologies has significantly increased.

DHS Facilitates the Safe and Responsible Deployment and Use of Artificial Intelligence in Federal Government, Critical Infrastru (Department of Homeland Security)

Submitted by benton on Tue, 04/30/2024 - 05:35

Guidelines for secure AI system development (Department of Homeland Security)

Submitted by zwalker@benton.org on Mon, 11/27/2023 - 15:10

Enduring Security Framework Potential Threats to 5G Network Slicing (Department of Homeland Security)

Submitted by dclay@benton.org on Wed, 12/21/2022 - 14:42

Assessment of the Critical Supply Chains Supporting the U.S. Information and Communications Technology Industry (Department of Commerce)

Submitted by benton on Thu, 02/24/2022 - 06:31

Strategic Principles for Securing the Internet of Things

The growth of network-connected devices, systems, and services comprising the Internet of Things (IoT) creates immense opportunities and benefits for our society. IoT security, however, has not kept up with the rapid pace of innovation and deployment, creating substantial safety and economic risks. This document explains these risks and provides a set of non-binding principles and suggested best practices to build toward a responsible level of security for the devices and systems businesses design, manufacture, own, and operate.

The following principles offer stakeholders a way to organize their thinking about how to address IoT security challenges:

Incorporate Security at the Design Phase
Advance Security Updates and Vulnerability Management
Build on Proven Security Practices
Prioritize Security Measures According to Potential Impact
Promote Transparency across IoT
Connect Carefully and Deliberately

Reaction on “Heartbleed”: Working Together to Mitigate Cybersecurity Vulnerabilities

When a cybersecurity industry report was published about a vulnerability known as “Heartbleed” -- affecting websites, email, and instant messaging -- that can potentially impact Internet logins and personal information online by undermining the encryption process, the Department’s US -- Computer Emergency Readiness Team (US-CERT) immediately issued an alert to share actionable information with the public and suggested mitigation steps.

Subsequently, our Industrial Control System-Cyber Emergency Response Team (ICS-CERT) published information and reached out to vendors and asset owners to determine the potential vulnerabilities to computer systems that control essential systems -- like critical infrastructure, user-facing, and financial systems.

The National Coordinating Center for Communications (NCC) also provided situational awareness to communications sector partners for their review and action. Importantly, the Federal government’s core citizen-facing websites are not exposed to risks from this cybersecurity threat. We are continuing to coordinate across agencies to ensure that all Federal government websites are protected from this threat.

Benton

Search