Cybersecurity – An Emerging Challenge for All Law Enforcement

Every day there are news stories about the latest victims of data breaches and identity theft and of information technology systems crippled by cyber attacks. Private citizens, businesses, and government organizations are all at risk of falling under attack, and police departments are far from immune. Across the United States, state and local law enforcement organizations have dealt with threats to their IT systems and data, many lacking the expertise and knowledge to respond quickly and mitigate the damage.

One place these agencies can turn to is the U.S. Department of Homeland Security (DHS), which has many no-cost resources available to assist state and local law enforcement with their cybersecurity planning and resiliency efforts.

The Department of Homeland Security’s Role in Cybersecurity

The DHS National Protection and Programs Directorate (NPPD) is responsible for helping to secure the U.S. critical infrastructure and enhance its resiliency. Within NPPD, the Office of Cybersecurity and Communications (CS&C) takes the lead on cybersecurity, critical infrastructure security, and resilience, engaging the public at all levels of government and private sectors, as well as international partners, to prepare for, prevent, and respond to cyber incidents that could degrade or overwhelm U.S. strategic assets.

DHS is also responsible for helping to secure the “dot gov” domain, largely through its operational coordination mechanism, the National Cybersecurity and Communications Integration Center (NCCIC).

The NCCIC is a 24/7 cyber situational awareness, incident response, and management center where government, private sector, law enforcement, international, and intelligence community partners work together to detect, prevent, respond to, and mitigate threats to U.S. cyber and communications systems. Since its establishment in 2009, the NCCIC has responded to nearly half a million incident reports and released more than 26,000 actionable cybersecurity alerts.

The NCCIC works in partnership with the FBI, U.S. Secret Service, and other law enforcement entities for coordination, integration, and information sharing related to domestic cyberthreat investigations. Further, the NCCIC, FBI, and the U.S. Secret Service have developed joint standard operating procedures to ensure outreach and response activities are coordinated on behalf of victims of cybercrime and incidents. For more information about the NCCIC, visit

Another DHS office providing support to law enforcement agencies is the Office of Intelligence and Analysis (I&A), which works to increase the volume, timeliness, and quality of releasable unclassified cyberthreat assessments, while ensuring law enforcement sources, methods, and privacy and civil liberties are protected. I&A publishes unclassified products that provide cybersecurity awareness to state, local, tribal, and territorial first responders in matters that can affect the personnel and network security of their organizations and jurisdictions.

State, Local, Tribal, and Territorial (SLTT) Government Engagement

DHS has long recognized that cybersecurity is a shared responsibility of all Americans and that success depends on engagement with strategic partners, including law enforcement. As such, DHS engagement with public and private sector partners on cybersecurity has expanded steadily since the department’s inception in 2003. DHS maintains a strategic partnership with the Multi-State Information Sharing and Analysis Center (MS-ISAC), which was created to improve the overall cybersecurity posture of SLTT governments at all levels. Collaboration and information sharing among members, private sector partners, and DHS are critical to success.

MS-ISAC provides direct cybersecurity monitoring services to member organizations, as well as general cybersecurity support to all SLTT entities—including law enforcement. And through the 24/7 watch and warning security operations center, it provides real-time network monitoring and dissemination of early cyberthreat warnings, as well as vulnerability identification and mitigation to assist SLTT government in addressing risks to SLTT-owned and operated networks.

In addition to the MS-ISAC, DHS has recently initiated efforts to increase cybersecurity support to law enforcement organizations through state and major urban area fusion centers. State and major urban area fusion centers serve as focal points for the receipt, analysis, and sharing of threat-related information—including cyber information—between the federal government, SLTT law enforcement organizations and governments, and private sector partners.

DHS is partnering with the Center for Internet Security (CIS) to create an Integrated Intelligence Center (IIC) to receive and process reports from fusion centers on suspected or confirmed cyber incidents. This collaboration will allow partner agencies to more quickly evaluate information and track each incident for appropriate follow-up, based on severity. CIS has already gained the participation of all 50 state homeland security advisors and 73 of the 78 fusion centers. For more information on CIS and its MS-ISAC and IIC organizations, visit

Just as fusion centers work to secure critical infrastructure, CS&C’s Office of Emergency Communications (OEC) is working to help create a secure environment for the Nationwide Public Safety Broadband Network (NPSBN). The NPSBN will provide emergency responders with enhanced capabilities to communicate seamlessly with one another during the response to large-scale incidents, as well as during day-to-day operations. OEC has been working with partners in public safety, government, industry, and academia to understand the risks associated with the deployment of the network and to mitigate them.

Partnering with the International Association of Chiefs of Police

Providing the resources mentioned to law enforcement groups such as the International Association of Chiefs of Police (IACP) strengthens the partnership between the federal government and SLTT law enforcement organizations. For example, when DHS and the IACP co-hosted a Cyberthreat Roundtable in 2012, more than 20 state and local law enforcement and government officials from across the United States met and gained a better understanding of the challenges cyber incidents pose at all levels of government. They recognized the need to address those challenges through collaboration between the Federal Government and state and local law enforcement organizations.

DHS has significant cybersecurity capabilities and is using those capabilities to work collaboratively with all levels of government and the private sector to protect U.S. critical infrastructure. These resources can help local law enforcement agencies improve their cybersecurity posture and become better prepared to prevent, respond, or mitigate the effects of an attack.

The cyberthreat has proven to be dynamic, constantly evolving, and growing. All indications point to an increasing role for law enforcement in the future, and DHS is prepared to help law enforcement organizations meet that cybersecurity challenge. From forensic cyber investigations and confronting the challenges involved with cybercrime, to integrating SLTT law enforcement with federal efforts directly and through fusion centers, DHS and law enforcement agencies are working together toward a more secure cyberspace. DHS will continue its partnerships with the IACP and SLTT law enforcement organizations across the United States to help them develop the resources and capabilities needed to effectively address the cybersecurity challenge.

For more information about DHS cybersecurity resources and programs, visit♦

Erin Meehan is Program Director of State, Local, Tribal and Territorial (SLTT) Engagement in the DHS Office of Cybersecurity and Communications. To learn more about SLTT and other DHS cyber programs, please email SLTTCyber@HQ.DHS.GOV.