DHS/CISA/PIA-033 National Cybersecurity Protection System (NCPS)-Intrusion Detection

The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division (CSD) leads the Federal Government effort to protect and defend federal civilian Executive Branch agency networks from cyber threats. These efforts are conducted, in part, through the National Cybersecurity Protection System’s (NCPS) intrusion detection capabilities — formerly referred to as EINSTEIN 1 and EINSTEIN 2. This Privacy Impact Assessment (PIA) provides a programmatic update on the NCPS intrusion detection capabilities and provides an in-depth analysis of the collection of information related to known or suspected cyber threats that could potentially include information that could be considered personally identifiable information (PII). Due to the close operational relationship between the NCPS network flow (netflow) and intrusion detection capabilities, this PIA combines, updates, and replaces the former EINSTEIN PIA (September 2004) and EINSTEIN 2 PIA (May 2008). September 2019