Homeland Security and Emergency Services

Cyber Incident Response Team

In 2017, Governor Andrew M. Cuomo and the New York State Legislature created a Cyber Incident Response Team (CIRT) within the New York State Division of Homeland Security and Emergency Services (DHSES), to provide cyber security support to non-Executive agencies, local governments, and public authorities.

Pursuant to the Governor's direction, the DHSES CIRT, which has been established within the Office of Counter Terrorism, will provide support through outreach, information sharing, and cyber incident response.

Cyber security services offered by DHSES CIRT include the following:

  • Incident Response and Digital Forensics
  • Application and Infrastructure Penetration Testing
  • Cyber Training and Exercises

Contact DHSES CIRT

  • To report a Cyber incident please call: 1 (844) OCT-CIRT | 1 (844) 628-2478

  • To request DHSES CIRT cyber support please email: CIRT@dhses.ny.gov

Cyber Support Element

In 2016, Governor Cuomo formed the DHSES Cyber Support Element (CSE) by activating National Guard members to support the OCT-Critical Infrastructure Unit. The CSE provides cyber security expertise for all OCT-CI's site assessments.

The CSE also provides cybersecurity risk assessments to non-Executive agencies, local governments, and public authorities.  These risk assessments include:

  • External and Internal Vulnerability Scanning
  • Offsite Foot-printing and Network Scanning
  • Cybersecurity Posture Assessments

Contact DHSES CSE

Eligible entities interested in an assessment should email the Critical Infrastructure Protection Inbox: CIP.OCT@dhses.ny.gov

Cybersecurity Toolkit & Resources

CIS Controls Tool Mapping

The CIS Controls are recognized by Federal cybersecurity standards as a recommended approach for developing a comprehensive security program for organizations of all sizes and sophistication. These fundamental security controls outline proactive measures local governments can take to improve their overall security posture. They provide a great entry point for NYS local governments and municipalities to begin to assess their own cyber posture, identify areas of weakness or gaps, and start to develop the necessary defenses and mitigation controls to address cyber risk.

DHSES CIRT has developed a resource which maps these critical controls to free and commercially available tools that can be leveraged during assessments and security reviews.

Core Functions & Guidance for Cybersecurity Programs

The Core Functions & Guidance for Cybersecurity Programs resource helps entities identify foundational cyber security functions, and provides guidance for the implementation of a strong, resilient, cyber security program.