Incident Reporting

Has an incident occurred with which you need immediate help?

Join NCSS?

Do you believe you have been the victim of a cyber incident?
How would you know?
What defines a cyber incident?

The Department of Homeland Security’s US-CERT defines a incident as:

“an occurrence that – actually or imminently jeopardizes, without lawful authority, the integrity, confidentiality, or availability of information or an information system; or constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies.”

In 2015, Congress passed the Cybersecurity Information Sharing Act that seeks to:

“…improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.”

As part of this legislation, Congress authorized the formation of ISAOs – or Information and Sharing Analysis Organizations, which are communities of interest whose members voluntarily share cybersecurity information with each other. The NCSS is an ISAO for small business and is connected to other ISAOs in industries and regions across the United States.

As a NCSS member, your business is afforded protection from liability and litigation matters as long as the incident was reported to the federal government or an ISAO. The NCSS, as an ISAO, will report your incident anonymously to the Department of Homeland Security (DHS) to ensure your business is provided liability protection. Sharing incident data enhances prevention and protection activities for the whole community.

According to DHS guidance:

“…Cyber threat indications and defensive measures shared with the federal government under the Act shall not be used by any federal, state, tribal, or local government to regulate, including through an enforcement action, the lawful activity of any non-federal entity or any activity taken by a non-federal entity pursuant to mandatory standards, including an activity relating to monitoring, operating a defensive measure, or sharing a cyber threat indicator.”

Completion of this incident report conforms to guidance promulgated by DHS under the Automated Information Sharing program.

Don’t wait another day, become a member and start protecting your business. With your annual membership your company will have access to the full suite of capabilities and educational support.

If you have been the victim of a cyber crime or cyber bullying, contact us at web@thencss.org. We will be happy to provide you a free or discounted membership to help you on the road to recovery.

Address: 1215 31st Street, NW, #3921 Washington, D.C. 20027
Phone: 703-340-7757

Terms of Service

Privacy Policy