The United States Department of Homeland Security’s (DHS) enhanced cybersecurity services (ECS) program recently announced that it has approved its commercial service providers to offer a new capability called Netflow Analysis to fight cyber threats.
Netflow Analysis will allow the commercial service providers to more effectively identify and analyze malicious activity going through their client networks. Through the enhanced cybersecurity program, DHS provides classified or sensitive information about known cyber threats to their customers. The service providers will use this information to protect their customers against unauthorized access, exploitation and data exfiltration.
DHS’s privacy office recently completed an update to the ECS privacy impact assessment along with updated notes that the Netflow Analysis capability does not enable DHS to collect, store or in any way utilize personally identifiable information, thus not raising any privacy concerns.
Netflow Analysis joins two tother ECS capabilities, including domain name service sinkholing and email filtering. CSP customers may subscribe to any of the ECS capabilities depending on their needs. U.S.-based organizations interested in services can reach out to accredited CSPs for enrollment, including AT&T, CenturyLink, Lockheed Martin and Verizon.
In June, ECS expanded eligibility requirements beyond critical infrastructure to allow all U.S.-based public and private organizations to receive services.