President Obama has sealed his legacy as not only America’s first African-American president but also America’s first cyber president. No president before has overseen the development of internet initiatives and cyber warfare capabilities as President Obama.
To add to that legacy President Obama has issued a new Presidential Policy Directive; the United States Cyber Incident Coordination Directive. Like many other of his policies this too has come under scrutiny. Experts in the field disagree on whether the policy is workable in the event of a large scale cyber attack. On the other hand others believe that the policy is right on target.
Announced on July 26th the presidential directive assigns specific roles to the FBI, DHS and the Office of the Director of National Intelligence (ODNI). The agencies are directed to establish three lines of action that include threat response, asset response and intelligence support activities.
The policy places the FBI in charge of coordinating the immediate response to a terror related cyber event. DHS will lead the asset response action by providing technical assistance, locating the cyber attacker, protecting assets and recovering from the attack. Intelligence and analysis responsibilities will fall to the ODNI who will perform an analysis of the threat and identify opportunities to mitigate and disrupt it.
Some cyber experts believe that the new policy is “overly complicated” and has “too many moving parts.” These experts believe the policy requires new and different parts of the federal government to work together efficiently in a cyber crises without having been tested.
Phil Reitinger is CEO of Global Cyber Alliance and a former DHS deputy undersecretary for the for cyber security. Reitinger does not believe the complexity of the directive will hinder its effectiveness. “I don’t think it’s a huge lift for implementation. I suspect this is the way the government already works,” says Reitinger. “I think it’s more a likely description of the way things now generally work and ought to work as opposed to a notional thing to work toward.”
Lisa Monaco assistant to the president for homeland security and terrorism spoke at a cyber security conference on the day the directive was issued. “Our new policy acknowledges that when businesses and federal agencies are the victim of or experience a significant cyber incident, one of the most important considerations is likely to be restoring operations and getting back online. Our policy makes clear that we will coordinate with the victim to minimize any interference between their incident response and our own.”
Even though the president’s directive is design to integrate both private and federal response to a cyber attack many in the private sector feel that it leaves them out.
Internet Security Alliance chief executive Larry Clinton is happy about federal efforts to clarify its responsibilities in the event of a major cyber event. “However, defining these roles and responsibilities on a government-only basis, as this appears to have done, is bad policy making and counter to the administration’s own oft stated views on the need for government to work with the private sector,” he says. “As far as I can tell, there has been little or no private sector involvement in the development of this new system. Clinton went on to say, “Every Cyber Storm (a combined cyber exercises with industry and government) action report has stressed the need to increase coordination between the public and private sectors. This program seems to move in the opposite direction.”