Obama Issues Cyber Response Directive

Published On August 1, 2016 | By Tom Huskerson | News and Analysis
president-cyber-response-directive-gets-mixed-reviews-showcase_image-9-a-9290

President Obama consults with special assistant Lisa Monaco (White House Photo)

President Obama has sealed his legacy as not only America’s first African-American president but also America’s first cyber president. No president before has overseen the development of internet initiatives and cyber warfare capabilities as President Obama.

To add to that legacy President Obama has issued a new Presidential Policy Directive; the United States Cyber Incident Coordination Directive. Like many other of his policies this too has come under scrutiny. Experts in the field disagree on whether the policy is workable in the event of a large scale cyber attack. On the other hand others believe that the policy is right on target.

Announced on July 26th the presidential directive assigns specific roles to the FBI, DHS and the Office of the Director of National Intelligence (ODNI). The agencies are directed to establish three lines of action that include threat response, asset response and intelligence support activities.

The policy places the FBI in charge of coordinating the immediate response to a terror related cyber event. DHS will lead the asset response action by providing technical assistance, locating the cyber attacker, protecting assets and recovering from the attack. Intelligence and analysis responsibilities will fall to the ODNI who will perform an analysis of the threat and identify opportunities to mitigate and disrupt it.

Some cyber experts believe that the new policy is “overly complicated” and has “too many moving parts.”  These experts believe the policy requires new and different parts of the federal government to work together efficiently in a cyber crises without having been tested.

Phil Reitinger is CEO of Global Cyber Alliance and a former DHS deputy undersecretary for the  for cyber security.  Reitinger does not believe the complexity of the directive will hinder its effectiveness.   “I don’t think it’s a huge lift for implementation. I suspect this is the way the government already works,” says Reitinger. “I think it’s more a likely description of the way things now generally work and ought to work as opposed to a notional thing to work toward.”

Lisa Monaco assistant to the president for homeland security and terrorism spoke at a cyber security conference on the day the directive was issued. “Our new policy acknowledges that when businesses and federal agencies are the victim of or experience a significant cyber incident, one of the most important considerations is likely to be restoring operations and getting back online. Our policy makes clear that we will coordinate with the victim to minimize any interference between their incident response and our own.”

Even though the president’s directive is design to integrate both private and federal response to a cyber attack many in the private sector feel that it leaves them out.

Internet Security Alliance chief executive Larry Clinton is happy about federal efforts to clarify its responsibilities in the event of a major cyber event. “However, defining these roles and responsibilities on a government-only basis, as this appears to have done, is bad policy making and counter to the administration’s own oft stated views on the need for government to work with the private sector,” he says. “As far as I can tell, there has been little or no private sector involvement in the development of this new system. Clinton went on to say, “Every Cyber Storm (a combined cyber exercises with industry and government) action report has stressed the need to increase coordination between the public and private sectors. This program seems to move in the opposite direction.” 

See also:

Obama; First Cyber President

President Obama Launches Cyber Offensive, Part 2, Part 3

Obama Launches ConnectedHome Initiative

 

Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. He attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has returned to focus on writing both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and EbonyCandle. Most recently Tom has launched the blog African American Cyber Report. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Leave a Reply

Your email address will not be published. Required fields are marked *