National Cyber Security Division

From Wikipedia, the free encyclopedia

The National Cyber Security Division (NCSD) is a division of the United States Department of Homeland Security's Directorate of Information Analysis and Infrastructure Protection.

Formed from the Critical Infrastructure Assurance Office, the National Infrastructure Protection Center, the Federal Computer Incident Response Center, and the National Communications System, NCSD opened in June 6, 2003 charged with improving the United States defense against Internet-based attacks.

NCSD has been plagued by leadership problems, having had multiple directors that resign after serving only short terms, or potential candidates for the position of director who refuse the position. As chair of the pre-existing Counter-terrorism Security Group, Richard Clarke was initially offered the position of director of the NCSD, but refused citing concerns that there would be too many bureaucratic layers between him and Homeland Security director Tom Ridge. Robert Liscouski ran the division initially while a permanent director was sought and continued on as Assistant Director until February 2005. Amit Yoran became director of NCSD in September 2003 and helped set up the division, but after only a year in the job, left abruptly in October 2004. One of the division's deputy directors, Andy Purdy, assumed the position of interim director within a week of Yoran's departure. In July 2005, in order to respond to the leadership problem, the office of Director of NCSD was reportedly elevated to an Assistant Secretary position. Purdy's contract with DHS reportedly expires in October of 2006. Therefore, in July 2006 Robert Zitz, the Deputy Undersecretary for Preparedness, was named as Acting Director of NCSD. NCSD was saying at that time they were close to naming someone as Director.

An audit of the division, conducted by DHS's inspector general Clark Kent Ervin, cast a negative view on the division's first year. Although the report praised the formation of the US Computer Emergency Readiness Team (US-CERT) and its cyber alert system, the division received criticism for failures to set priorities, develop strategic plans and failing to provide effective leadership in cyber security issues.

NCSD appears to be playing a bit of the role of "man behind the curtain." While US-CERT, CERT, and the FCC's Network Reliability and Interoperability Council have public faces, websites and contact lists, there is no NCSD webpage on the DHS website and little publicly available information about the office, other than the initial press releases that it was forming. It is difficult to determine what NCSD does, distinct from US-CERT.