U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. About DHS
  3. Site Links
  4. Keywords
  5. Cyber Incident

Cyber Incident

Last Updated: | Press Releases

Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023

The U.S. Department of Homeland Security released the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion.

Last Updated: | Press Releases

DHS and DG CONNECT Announce Initiative Comparing Cyber Incident Reporting to Better Align Transatlantic Approaches

DHS and European Commission’s Directorate General for Communications, Networks, Content, and Technology (DG CONNECT) announced an initiative to compare cyber incident reporting elements that will inform cyber incident reporting requirements by the US and EU.

Last Updated: | Publication

Comparative Assessment of the DHS Harmonization of Cyber Incident Reporting to the Federal Government Report and the Rules on Incident Reporting in the EU Directive on Measures for a High Common Level of Cybersecurity Across the Union (NIS 2 Directive)

To inform the ongoing implementation of CIRCIA and the NIS 2 Directive by the respective authorities and to support entities active in multiple jurisdictions in their efforts to respond to cyber incidents, DHS and DG CONNECT are publishing the present joint report that identifies the main similarities and divergences in the DHS Report’s recommendations and the NIS 2 Directive.

Last Updated: | Press Releases

DHS Issues Recommendations to Harmonize Cyber Incident Reporting for Critical Infrastructure Entities

DHS outlined a series of actionable recommendations on how the federal government can streamline and harmonize the reporting of cyber incidents to better protect the nation’s critical infrastructure. These recommendations provide a clear path forward for reducing burden on critical infrastructure partners and enabling the federal government to better identify trends in malicious cyber incidents, as well as helping organizations to prevent, respond to, and recover from attacks.

Last Updated: | Publication

Harmonization of Cyber Incident Reporting to the Federal Government

This report outlines a series of actionable recommendations on how the federal government can streamline and harmonize the reporting of cyber incidents to better protect the nation’s critical infrastructure.

Last Updated: | Site Page

Report an IT Vulnerability

DHS recognizes that security researchers regularly contribute to the work of securing organizations and the Internet as a whole. Therefore, DHS invites reports of any vulnerabilities discovered on internet-accessible DHS information systems, applications, and websites.

Last Updated: | Press Releases

Cyber Safety Review Board Releases Report of its Review into Log4j Vulnerabilities and Response

The U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) first report, which includes 19 actionable recommendations for government and industry. The recommendations from the CSRB – an unprecedented public-private initiative that brings together government and industry leaders to review and assess significant cybersecurity events to better protect our nation’s networks and infrastructure – address the continued risk posed by vulnerabilities discovered in late 2021 in the widely used Log4j open-source software library.

Last Updated: | Press Releases

DHS Launches First-Ever Cyber Safety Review Board

The U.S. Department of Homeland Security (DHS) announced the establishment of the Cyber Safety Review Board (CSRB), as directed in President Biden’s Executive Order 14028 on Improving the Nation’s Cybersecurity. The CSRB is an unprecedented public-private initiative that will bring together government and industry leaders to elevate our nation’s cybersecurity.

Last Updated: | Publication

Vulnerability Disclosure Program Policy and Rules of Engagement

In accordance with Section 101 and Title I of the SECURE Technology Act (P.L. 115-390), this policy provides security researchers with clear guidelines for (1) conducting vulnerability and attack vector discovery activities directed at Department of Homeland Security (DHS) systems and (2) submitting those discovered vulnerabilities. This policy has been developed in consultation with the Attorney General, the Secretary of Defense, the Administrator of GSA, and non-governmental security researchers.

Last Updated: | Press Releases

DHS Announces Steps to Advance President’s Commitment to Elevate Cybersecurity

Secretary Alejandro N. Mayorkas announced the many ways the Department of Homeland Security (DHS) will carry out President Biden’s vision to elevate cybersecurity across the government.  DHS will lead efforts to mitigate risks to the United States, further strengthen its partnerships with the private sector, and expand its investment in the infrastructure and people required to defend against malicious cyber attacks as part of a whole-of-government effort.