The Incident Management Program (IMP) focuses on:
- threat information sharing
- critical infrastructure protection
- active defense
- incident preparedness.
The IMP reports all incidents to the United States Computer Emergency Readiness Team (US-CERT), fulfilling statutory requirements and ensuring a coordinated response to cyber attacks.
Joint Cybersecurity Coordination Center (JC3)
The Joint Cybersecurity Coordination Center (JC3) provides DOE with incident response, reporting, tracking, and other computer security support. JC3 is a member of the Government Forum of Incident Responders and Security Teams (GFIRST) and FIRST, an international incident response and security organization. DOE O 205.1B Chg 2 requires that all Department of Energy elements, the National Nuclear Security Administration (NNSA), Program Secretarial Offices, and other DOE organizations with access to DOE cyber systems report cyber security incidents to JC3. JC3 Bulletins are disseminated to the DOE community to notify users of computer security vulnerabilities and recommended actions.
Latest JC3 Bulletins
-
September 9, 2013
TYPO3 comes with the possibility to restrict editors to certain file actions (copy, delete, move etc.) and to restrict these actions to be performed in certain locations
-
September 6, 2013
A vulnerability has been reported in the CentralAuth extension for MediaWik that allows people to bypass certain security restrictions
-
September 5, 2013
A vulnerability was reported in Cisco Mobility Services Engine where a remote user can login anonymously.