The Incident Management Program combines multiple Departmental incident-related services into a joint capability that focuses on threat information sharing, critical infrastructure protection, active defense and incident preparedness. The Incident Management program reports incidents to United States Computer Emergency Readiness Team (US-CERT), fulfilling statutory requirements and ensuring a coordinated response to cyber attacks.
Joint Cybersecurity Coordination Center-Cyber Incident Response Capability (JC3)
JC3 provides the U.S. Department of Energy with incident response, reporting, and tracking, along with other computer security support. JC3 is a member of GFIRST, the Government Forum of Incident Responders and Security Teams and FIRST an international incident response and security organization. CIO Guidance O 205.1B requires that all Department of Energy elements, the National Nuclear Security Administration (NNSA), Program Secretarial Offices, and other DOE organizations which have access to DOE cyber systems report cyber security incidents to JC3. JC3 Bulletins are distributed to the DOE community to notify sites of computer security vulnerabilities and recommended actions.
Latest JC3 Bulletins
-
October 10, 2012
Microsoft Security Bulletin Advance Notification for October 2012. Microsoft has posted 1 Critical Bulletins and 6 Important Bulletins.
-
October 9, 2012
Several vulnerabilities were reported in Google Chrome.
-
October 8, 2012
A vulnerability has been reported in VMware vCenter Operations, which can be exploited by malicious people to conduct cross-site scripting attacks.