National Cyber Risk Alert Level (NCRAL)

The National Cyber Risk Alert Level (NCRAL) system is designed to inform preparedness, decision making, information sharing, and cyber incident management activities. The Assistant Secretary for the Office of Cybersecurity and Communications (CS&C) determines the alert level in coordination with recommendations from the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and partners. The levels include: Level 1 (Severe): Highly disruptive levels of consequences are occurring or imminent. Level 2 (Substantial): Observed or imminent degradation of critical functions with a moderate to significant level of consequences, possibly coupled with indicators of higher levels of consequences impending. Level 3 (Elevated): Early indications of, or the potential for, but no indicators of moderate to severe levels of consequences. Level 4 (Guarded): Baseline of risk acceptance. • National Cyber Security Division (NCSD) The National Cyber Security Division (NCSD) works collaboratively with public, private, and international entities to secure cyberspace, cyber assets, and the current United States (U.S.) cyber infrastructure through the following objectives: • To build and maintain an effective national cyberspace response system • To implement a cyber-risk management program for protection of critical infrastructure