Overview Edit

The C3 Voluntary Program is an innovative public-private partnership, to help connect companies, as well as Federal, State, local, tribal, and territorial partners, to the Department of Homeland Security (DHS) and other Federal government programs and resources that will assist their efforts in managing their cyber risks.

The Program is the coordination point within the Federal Government for critical infrastructure owners and operators interested in improving their cyber risk management processes. The C3 Voluntary Program aims to: 1) support industry in increasing its cyber resilience; 2) increase awareness and use of the Cybersecurity Framework; and 3) encourage organizations to manage cybersecurity as part of an all hazards approach to enterprise risk management.

The C3 Voluntary Program's launch in February 2014 coincides with the release of the final Cybersecurity Framework. The C3 Voluntary Program's focus during the first year will be engagement with sector-specific agencies (SSAs) and organizations using the Cybersecurity Framework to develop guidance on how to implement the Cybersecurity Framework. Later phases of the C3 Voluntary Program will broaden the program's reach to all critical infrastructure and businesses of all sizes that are interested in using the Cybersecurity Framework.