How to Report a Cybersecurity Event to CBP
Updated: Sep 12, 2022
There are a variety of cyber security "events" that your business may be subject to including cyber attacks, ransomware attacks, suspicious activity, internal security locks or updates to your current system. All of these events, even though they may not include the perpetration of a crime, may block you from adequately and compliantly submitting data to US Customs and Border Protection (CBP).
Technology is an essential element that allows for the facilitation of international trade to flow through the United States with data provided by the trade community to U.S. Customs and Border Protection and Partner Government Agencies.
If a member of the trade community is a victim of a cybersecurity attack that impacts the company’s ability to transmit transactions to CBP, CBP has identified the following information for reporting such an event and follow up steps.
Initial Steps/Communication for Reporting Cybersecurity Incident to CBP
Who to contact at CBP?
All security incidents that have any effect on the security posture of CBP must be reported to the CBP Office of Information Technology (OIT) Security Operations Center (CBP SOC) at 703-921-6507.
During business hours (6:30 am-7:30 pm EST): Contact CBP OIT SOC at 703-921-6507 and if applicable, contact the party’s Client Representative. If the Client Representative is unknown, please contact firstname.lastname@example.org.
After business hours (after 7:30 pm EST): Contact CBP OIT SOC and the CBP Technology Service Desk at ACE.SUPPORT@cbp.dhs.gov (with the Client Representative email address on copy, as appropriate).
When to contact CBP?
CBP should be contacted immediately once a cybersecurity attack is discovered.
Have you had a cyber security event and are unsure if you should report it?
Do you think that you may need to contact an attorney before CBP?
Does your business need to update their cyber security policies to be compliant with CBP?
We listen carefully to clients to ensure our understanding of the legal issues at hand, their factual context, and any limitations that might impact a chosen strategy. Feel free to connect with us using the contact form at the bottom of the Home page or send us an email at email@example.com.