Chiefs' Corner

US-CERT strives for a safer, stronger Internet for all Americans by responding to major incidents, analyzing threats, and exchanging critical cybersecurity information with trusted partners around the world.

Assessments: Cyber Resilience Review (CRR)

The CRR is a no-cost, voluntary, non-technical assessment to evaluate an organization’s operational resilience and cybersecurity practices. The CRR may be conducted as a self-assessment or as an on-site assessment facilitated by DHS cybersecurity professionals.

The CRR assesses enterprise programs and practices across a range of ten domains including risk management, incident management, service continuity, and others. The assessment is designed to measure existing organizational resilience as well as provide a gap analysis for improvement based on recognized best practices.

Please click on the following links for more information:

PDF File Icon
Self-Assessment Package
Self-assessment form and report generator.
PDF File Icon
Method Description & User Guide
Walk-through for how an organization can conduct a CRR self-assessment.
PDF File Icon
Question Set with Guidance
Self-assessment question set along with accompanying guidance.
PDF File Icon
CRR NIST Framework Crosswalk
Cross-reference chart for how the NIST Cybersecurity Framework aligns to the CRR.
PDF File Icon
Information Sheet
Summary of the CRR process.


For more information from US-CERT, please click here

See our Chief’s Corner for more information by Chiefs, for Chiefs.

Directory of Cybercrime Labs and Resources

Search for regional crime labs and other resources to help with cybercrime investigations and assistance.

What's New?


Whisper is the largest online platform where people share real thoughts and feelings, forge relationships and engage in conversations on an endless variety of topics—without identities or profiles. Whisper content and stories reach hundreds of millions of people each month across platforms. Whisper is spearheading a movement that believes that happiness starts with being your real self. Whisper is backed by venture investors including Sequoia Capital, Lightspeed Venture Partners, Thrive Capital, Shasta Ventures, Trinity Capital, and CAA Ventures. (“Whisper Press” 2016).

For more information, please visit:

Protecting law enforcement from cyber threats

This document provides material designed to assist law enforcement in protecting themselves and their families from becoming cyber targets: protecting personal information, cyber dos and don’ts, and links to further cyber training and resources. Download and read the full article at–Steps-to-Protect-Personal-Information


Want to follow the LECC on RSS?

Just point your RSS reader to (for the blogs) and for our news feeds.


Internet of Things Infographic

This fun infographic shows many different kinds of electronic devices that may be found in a residential home. Click on the icons to reveal how the IoT devices generate and store data. Click here to begin exploring the digital home.


For the Prosecutor

This information provides resources to those who prosecute cyber crimes, and includes both links to statutes and case law explicitly focusing on cyber crimes, as well as links to other legal resources related to cyber crime prosecution, such as digital search warrants, and litigation guides. Click here to view more.


Cybercrime Community Awareness and Prevention

In an effort to support and advance police/community interaction addressing cyber crime and victimization, the National White Collar Crime Center, International Association of Chiefs of Police, and the Office of Community Oriented Policing Services, and the U.S. Department of Justice, have developed training modules that identify the most common types of Internet and computer-related scams, and instructional tools to help people avoid being victimized by these scams. Click here to view the latest training module.


  • Big cities see early benefits from Internet of Things, and grapple with ongoing challenges

    Geof Wheelwright As many of the world’s biggest urban centers implement Internet of Things (IoT) technologies in a quest to become “smart cities” — making greater use of connected cameras, sensors and more — there are significant challenges along the way, including security, privacy and safety for citizens.  But there are also signs th... Continue reading
  • The Doyle Report: After Years of Hacks and Breaches, There May Be Reason for Optimism in …

    T.C. Doyle If you follow cybersecurity, you know that every week seems to bring more bad news. Just today, for example, Corero Network Security (LSE:CNS) released findings from a new survey that found that DDoS attacks pose a greater security threat to businesses than ever before. Nearly a third of IT security professionals and network... Continue reading
  • Airline Electronics Ban Probably Based On Legitimate Threats

    Willa Frej The ban on electronics larger than a cellphone on incoming flights to the United States and the United Kingdom from a handful of airports in the Middle East and North Africa was announced Tuesday without much information to back it up.  But the action was probably based on credible terrorist threats against air travel, exper... Continue reading
  • The dark web: Inside the hacker’s playground

    Tom Costello Hackers can be anywhere — down the street from their victims, or on another continent — but they all have a home base: the Dark Web. It's a corner of the Internet where hackers can sell illegal substances and stolen information, or facilitate massive hacks, like the 2014 attack on Yahoo, now blamed on Russian agents. ... Continue reading
More Updates