(Cyberwar.news) Cyber professionals within the various federal agencies, as well as members of Congress, have long pushed the Obama administration to spell out what its response would be in the event of a major cyberattack and, in particular, who would respond.
That day has arrived.
Last week the administration released a directive designating which federal agency will take the lead in the different areas of response if the government suffers a “significant” cyberattack. The directive divides responsibility between the Department of Justice, the Department of Homeland Security and the Office of the Director of National Intelligence, The Hill reported.
Justice, via the FBI, would take the lead in finding out who is actually responsible for the attack, while DHS would assist in repairing hacked systems and helping victims. The ODNI, meanwhile, would provide the necessary intelligence support.
Going forward, DHS will be responsible for writing a new national cyber incident response plan that spells out how the federal government will interact with the private sector, state and local governments, in responding to a major cyber event.
The directive also lays out a five-level model that officials can use to rank the severity of incidents. Level 1 incidents are “unlikely to affect public health, national security…or public confidence,” the directive says, but a Level 5 incident “poses an imminent threat to wide-scale critical infrastructure services, national government or to the lives of U.S. persons.”
Most in Congress and the security industry have voiced approval for the directive, with lawmakers on both sides of the political divide having expressed growing concerns that the United States is not prepared to deal with the aftermath of a massive cyberattack.
“I have long called for more centralization of cybersecurity efforts within government, and the cyber incident coordination plan is another important step in moving away from ad hoc processes that are simply inadequate to deal with the threat we face,” Rep. Jim Langevin (D-R.I.) said in a statement commending the directive.
The document is “an important clarification of the unique roles and responsibilities that the U.S. government and the private sector bring to bear to combat cyber threats,” Ryan Gillis, a former National Security Council official and now the vice president of cybersecurity strategy at Palo Alto Networks, told The Hill.
“It is undoubtedly the government’s responsibility to prepare for the worst case scenario, and we applaud this important step to foster shared understanding about cybersecurity roles and responsibilities across the ecosystem,” he added.
Several government systems have been hacked – reportedly by foreign states including China and Russia. They include systems operated by the Office of Personnel Management, the Joint Chiefs of Staff, and President Obama’s unclassified emails.
- Epic Fail: Despite Declaring ‘National Emergency,’ White House Detects NO Cybersecurity Threats
- Obama Signs Order Extending Cybersecurity State Of Emergency
- Why Isn’t Congress Serious About Cybersecurity?
Cyberwar.news is part of USA Features Media.