U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. About DHS
  3. Site Links
  4. Keywords
  5. Cyber Incident

Cyber Incident

Last Updated: | Publication

Comparative Assessment of the DHS Harmonization of Cyber Incident Reporting to the Federal Government Report and the Rules on Incident Reporting in the EU Directive on Measures for a High Common Level of Cybersecurity Across the Union (NIS 2 Directive)

To inform the ongoing implementation of CIRCIA and the NIS 2 Directive by the respective authorities and to support entities active in multiple jurisdictions in their efforts to respond to cyber incidents, DHS and DG CONNECT are publishing the present joint report that identifies the main similarities and divergences in the DHS Report’s recommendations and the NIS 2 Directive.

Last Updated: | Publication

Harmonization of Cyber Incident Reporting to the Federal Government

This report outlines a series of actionable recommendations on how the federal government can streamline and harmonize the reporting of cyber incidents to better protect the nation’s critical infrastructure.

Last Updated: | Site Page

Report an IT Vulnerability

DHS recognizes that security researchers regularly contribute to the work of securing organizations and the Internet as a whole. Therefore, DHS invites reports of any vulnerabilities discovered on internet-accessible DHS information systems, applications, and websites.

Last Updated: | Publication

Vulnerability Disclosure Program Policy and Rules of Engagement

In accordance with Section 101 and Title I of the SECURE Technology Act (P.L. 115-390), this policy provides security researchers with clear guidelines for (1) conducting vulnerability and attack vector discovery activities directed at Department of Homeland Security (DHS) systems and (2) submitting those discovered vulnerabilities. This policy has been developed in consultation with the Attorney General, the Secretary of Defense, the Administrator of GSA, and non-governmental security researchers.

Last Updated: | Site Page

What DHS does during a Cyber Attack

The United States depends on Critical Infrastructure to support national defense, public health and safety, economic vitality, and overarching society well-being. Disruptions or significant damage to Critical Infrastructure could result in potentially catastrophic and cascading consequences to the Nation. Here’s what DHS does during an incident against critical information technology systems.