On July 26, 2016, responding to rising cyber attacks and public criticism, the federal government issued a Presidential Policy Directive (PPD-41), to clarify the role of law enforcement agencies, to increase coordination across the government, and to divide cybersecurity efforts into three categories: asset response, threat response and intelligence support. PPD-41 outlines five key principles for the federal government and federal agencies in complying with the "whole-government" approach to cybersecurity. Although the initiative is directed at the federal government and sector-specific agencies, private entities are also likely to be affected and are instructed on the best practice for cyber incident reporting.
PPD-41 emphasizes unity in the government's response to cybersecurity incidents, outlining five guiding principles of the directive. In structuring incident reporting and protection mechanisms, the government seeks to emphasize shared responsibility, increased awareness, risk-based responses, respect to entities affected by the incident, unity in governmental efforts in responding to an incident, and allowing effective restoration and recovery following a cybersecurity breach. In distributing the responsibilities of cybersecurity, the government delineates specific agencies to take charge of the three categories of protection. The Department of Homeland Security (DHS) will lead asset response activities and post-breach recovery needs, the Department of Justice (DOJ) in collaboration with the FBI will be in charge of threat response, and the Office of the Director of National Intelligence (ODNI) will head intelligence support.
To continue reading the content in this article on the firm's Government Contracts & International Trade blog, please click here to view the post.
Bass, Berry & Sims' Government Contracts & International Trade blog features news, commentary and insight on the demanding and ever-changing regulatory environment of contracting with federal, state and local governments, and international trade issues when conducting a global business.