Professional Documents
Culture Documents
CYBER INCIDENT
In July, the White House released a Presidential Policy Directive (PPD) on United
States Cyber Incident Coordination1 2, answering longstanding questions about
how the U.S. Federal Government will coordinate its response to cyber incidents.
The Digital Futures Project at the Wilson Center has debugged the directive for you.
A CYBER INCIDENT is defined as an event occurring on or conducted through a computer network that actually
or imminently jeopardize the integrity, confidentiality, or availability of computers, information or communications
systems or networks, physical or virtual infrastructure controlled by computers or information systems, or information
resident thereon.1
A SIGNIFICANT CYBER INCIDENT is defined as a cyber incident that is (or group of related cyber incidents that
together are) likely to result in demonstrable harm to the national security interests, foreign relations, or economy
of the United States or to the public confidence, civil liberties, or public health and safety of the American people.1
SHARED RESPONSIBILITY:
Everyone has a stake in protecting the
U.S. from cyber threats: individual
citizens, the private sector and
government.
RISK-BASED RESPONSE:
Any response (and resources required
to respond) will be determined by an
assessment of the risk posed on a
domestic and international level.
WHAT
GUIDES
U.S.
GOVERNMENT
RESPONSE
INTELLIGENCE SUPPORT
RESPONSIBILITIES
THREAT RESPONSE
In working towards NATIONAL POLICY COORDINATION, the National Security Council will chair an
interagency Cyber Response Group (CRG) to coordinate and develop U.S. policy in regards to significant
cyber incidents.
In working towards FIELD-LEVEL COORDINATION, lead Federal agencies (DoJ, DHS and ODNI) will
coordinate interactions with each other and the affected entity.
Sources
1
2
https://www.whitehouse.gov/the-press-office/2016/07/26/presidential-policy-directive-united-states-cyber-incident
https://www.whitehouse.gov/the-press-office/2016/07/26/fact-sheet-presidential-policy-directive-united-states-cyber-incident-1