Common Malware Enumeration (CME)
Community > CME Sponsor  

CME Sponsor

CME and US-CERT

CME is sponsored by US-CERT at the U.S. Department of Homeland Security.

Relationship between CME and US-CERT

US-CERT is the operational arm of the National Cyber Security Division at the U.S. Department of Homeland Security. US-CERT provides oversight to the CME effort, incorporates CME identifiers into its security advisories whenever possible, and advocates the use of CME and products and services that incorporate CME to the U.S. government and all members of the information security community.

Information about US-CERT

A brief overview about US-CERT from their Web site is included below. Detailed information about US-CERT, US-CERT advisories, and the USA National Cyber Alert System is available directly from the US-CERT Web site.

What is US-CERT?

US-CERT was established in September 2003 as a public-private partnership charged with improving computer security preparedness and response to cyber attacks in the United States. As an institution, US-CERT is responsible for

  • and reducing cyber threats and vulnerabilities
  • disseminating cyber threat warning information
  • coordinating incident response activities

US-CERT also provides a way for citizens, businesses, and other institutions to communicate and coordinate directly with the United States government about cyber security.

Why is US-CERT important?

US-CERT is the USA focal point for preventing, protecting against, and responding to cyber security and vulnerabilities. US-CERT interacts with all federal agencies, private industry, the research community, state and local governments, and others on a 24x7 basis to disseminate reasoned and actionable cyber security information. To provide security information to the public, US-CERT:

  • integrates content contributed by numerous organizations from both the public and private sectors
  • aggregates and analyzes the various types of data provided by contributing organizations
  • serves as the focal point for promoting common and comprehensive analysis of security trends and risks
  • maintains quality control standards and works to ensure technical accuracy as well as timeliness

What is US-CERT's relationship to NCSD and DHS?

US-CERT is the operational arm of the National Cyber Security Division (NCSD) at the Department of Homeland Security (DHS). The NCSD was established by DHS to serve as the USA federal government's cornerstone for cyber security coordination and preparedness, including implementation of the National Strategy to Secure Cyberspace.

What is the relationship between US-CERT and other groups with "CERT" in their name?

Worldwide, there are more than 250 organizations that use the name "CERT" or a similar name and deal with cyber security response. In the United States, the Department of Homeland security created US-CERT to be the "Computer Emergency Readiness Team" with national responsibility for protecting the nation's information infrastructure by coordinating defense against and response to cyber attacks in the United States. US-CERT and the CERT Coordination Center at Carnegie Mellon University work jointly on these activities. When a cyber security problem warrants it, US-CERT coordinates a response by working with computer security experts. These experts are often part of incident response teams that are from the public and private sector, may include "CERT" or "CIRT" in their names, and originate from within the U.S. and international locales.

Who runs US-CERT?

US-CERT is the operational arm of the National Cyber Security Division (NCSD) at the Department of Homeland Security. It is a partnership of the NCSD, the CERT/CC, an FFRDC in conjunction with Carnegie Mellon University (BCC), and the public and private sectors. The Department of Homeland Security Cyber Security Chief oversees the operation and administration of US-CERT.

Who are US-CERT's partners?

As it grows, US-CERT will include partnerships with private sector cyber security vendors, academia, federal agencies, Information Sharing and Analysis Centers (ISACs), state and local governments, and domestic and international organizations. Working together, these groups will coordinate national and international efforts to address key cyber security issues.

What is the USA National Cyber Alert System?

The USA National Cyber Alert System is America's first cohesive national cyber security system for identifying, analyzing, and prioritizing emerging vulnerabilities and threats. Managed by the US-CERT, the system relays computer security update and warning information to all users. It provides all citizens—from computer security professionals to home computer users with basic skills—with free, timely, actionable information to better secure their computer systems.

How can the National Cyber Alert System help me? How do I subscribe?

The National Cyber Alert System provides valuable cyber security information to all users. You can subscribe to free email lists through the US-CERT web site. The system sends alerts and other cyber security information that provide guidelines and actions to help you to better secure your portion of cyberspace. You can receive any or all of the following documents through email:

Cyber Security Alerts: Available in two forms—regular for home users and advanced for technical users—Cyber Security Alerts provide timely information about security issues, vulnerabilities, and exploits currently occurring. Sign up at www.us-cert.gov/cas.

Cyber Security Tips: Written for non-technical home and corporate computer users, the bi-weekly Cyber Security Tips provide information on computer security best practices. Sign up at www.us-cert.gov/cas.

Cyber Security Bulletins: Written for technical audiences, Cyber Security Bulletins provide bi-weekly summaries of security issues, new vulnerabilities, potential impact, patches and workarounds, as well as actions recommended to mitigate risk. Sign up at www.us-cert.gov/cas.

How can US-CERT help me?

US-CERT gives you access to valuable educational resources as well as up-to-date computer security information through the USA National Cyber Alert System and the US-CERT Web site.

How do I find out more about US-CERT?

Visit the US-CERT Web site at http://www.us-cert.gov.

Back to top