EINSTEIN
The Cybersecurity and Infrastructure Security Agency (CISA) has the mission to provide cybersecurity services across the Federal Civilian Executive Branch (FCEB) to support the defense of agency networks.
Overview
EINSTEIN 1 (E1) monitors the flow of network traffic transiting between FCEB agency networks and the internet. CISA uses the E1 capability to record and analyze network traffic flow records in support of its network defense mission. This enables CISA to identify potentially suspicious or malicious activity and to conduct critical forensic analysis of confirmed incidents on FCEB agency networks.
EINSTEIN 1 is not intended to be the only or primary means of network intrusion detection for FCEB agencies. Rather, E1 represents a common baseline capability that is part of a broader defense-in-depth strategy that leverages FCEB agency cybersecurity capabilities, following cyber hygiene best practices, as well as additional cybersecurity services available from CISA, such as Continuous Diagnostics and Mitigation and the Protective Domain Name System resolver service. Note that in 2024, CISA retired the EINSTEIN 2 and EINSTEIN 3 Accelerated capabilities.
Privacy
CISA integrates privacy protections into all its programs from the outset and employs a layered approach to privacy oversight for the agency's cybersecurity activities. It starts with CISA's Chief Privacy Officer and extends through dedicated privacy staff across the agency. Privacy Impact Assessments (PIAs) are conducted on each CISA program to identify and mitigate privacy risks at the beginning of and throughout the development life cycle of a program or system. PIAs help the public understand what personally identifiable information the agency is collecting, why it is being collected, and how it will be used, shared, accessed, and stored. PIAs use the Fair Information Practice Principles (pdf, 107KB) to assess and mitigate any impact on an individual's privacy. DHS has conducted a PIA for Intrusion Detection (pdf, 445KB), which replaced the PIA for E1.