The Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA) works collaboratively with public, private, and international entities to secure cyberspace and America’s cyber assets. CISA established the Network Security Deployment (NSD) division to serve as the cybersecurity engineering and acquisition "Center of Excellence" not only within CISA, but for the entire DHS organization. NSD's mission is to improve cybersecurity for the federal civilian government and other partners by facilitating the integration of various cybersecurity technologies, products, and services. NSD is responsible for three major cybersecurity programs the National Cybersecurity Protection System (NCPS), Continuous Diagnostics and Mitigation (CDM), and Enhanced Cybersecurity Services (ECS).
NSD’s mission is to improve cybersecurity to federal departments, agencies, and partners by developing the technologies and establishing the services needed to fulfill CISA’s cybersecurity mission. To meet that mission need, NSD designs, develops, deploys, and sustains the National Cybersecurity Protection System (NCPS), which provides intrusion detection, advanced analytics, information sharing, and intrusion prevention capabilities that combat and mitigate cyber threats to the Federal Executive Branch information and networks. NSD is responsible for managing the Continuous Diagnostics and Mitigation (CDM) program, which provides federal departments and agencies with capabilities and tools that identify cybersecurity risks on an ongoing basis, prioritize these risks based upon potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first. Finally, Enhanced Cybersecurity Services (ECS) program is an intrusion prevention capability that helps U.S. based companies protect their computer systems against unauthorized access, exploitation, and data exfiltration. ECS works by sharing sensitive and classified cyber threat information with accredited Commercial Service Providers (CSPs). These CSPs in turn use that information to block certain types of malicious traffic from entering customer networks. ECS is meant to augment, but not replace, existing cybersecurity capabilities.
NSD conducts the following activities:
- Performs strategic planning for the NCPS CDM, and ECS programs, as well as any other programs that come into NSD.
- Investigates technologies, processes, concepts, end items, or system demonstrations, based on cyber needs, used to support the computer network defense missions of both CDM, ECS, and NCPS.
- Plans for future technical road maps for NSD programs.
- Develops capabilities that support the DHS cyber mission at multiple levels through the use of technology demonstration, integration of existing solutions, and development of new tactics to employ solutions.
- Harnesses current and emerging technologies to provide immediate solutions to the urgent challenges of CS&C’s cyber mission.
- Serves as the Program Management Office for the NCPS, ECS, and CDM programs.
- Operates and maintains NCPS, the federal dashboard of the CDM Program and ECS Program work by sharing sensitive and classified cyber threat information with accredited Commercial Service Providers (CSPs).