Provides incident response, management and coordination activities for cyber incidents occurring in the critical infrastructure sectors as well as Government entities at the Federal, State, Local, Tribal, and Territorial levels. Provides technical expertise and capacity to its constituents in responding to incidents. Incident response efforts focus on finding the root cause of an incident by searching for tools, techniques, and procedures along with behaviors and associated artifacts in the victim network. There are four types of customer engagements: remote assistance, advisory deployment, remote deployment, and on-site deployment.
For more information on cyber incident response, visit the Incident Detection, Response, and Prevention page.