by Robert Knake
Yesterday, the White House released a new policy document on the management of cyber incident response. The document, Presidential Policy Directive (PPD) 41, captures over a decade of lessons learned on how federal agencies respond to cyber incidents. It is clear about what federal agencies will do (as well as what they will not do) and sets up a series of mechanisms for coordinating federal action with private companies.
It fixes long-standing problems in Federal response policy, formalizing the “bubble chart” and creating unified coordination groups to coordinate with private entities and state and local governments based on what works for responding to real world disasters.