Recently, the White House released the Presidential Policy Directive (PPD) on United States Cyber Incident Coordination, which acts as a response plan in the event of a “large-scale cyber incident.” The PPD focuses on response activities and emphasizes the importance of coordination between Federal Government agencies and their responsibilities. For example, the Department of Justice is the lead agency for threat response activities, the department of Homeland Security is the lead for asset response activities, and the office of the Director of National Intelligence is the lead agency for intelligence support and related activities.
The PPD successfully shows the government’s recognition for a nationwide cyber incident response plan, but continues to focus on reacting to cyber attacks instead of proactively preventing them.
The White House also created a Cyber Incident Severity Schema in addition to the PPD, as a tool to evaluate and assess the gravity and urgency of a cyber incident consistently across agencies. Although this promotes coordination – a key component of fighting cybercrime – this is further evidence of the government’s lack of focus on incident prevention. Instead of accepting that a cyber attack is bound to happen, the government should promote the development of incident prevention and cybersecurity solutions. This includes promoting innovation in data security and advanced encryption technology.
Despite this flaw, the PPD does identify some response activities that could provide beneficial data to help prevent cyber attacks. Intelligence related support and activities, a responsibility of the Office of the Director of National Intelligence, could generate valuable insight on the development of new hacking methods. This can fuel innovation of new cybersecurity technologies to protect against cyber attacks and avoid cyber incidents.
The PPD is a step in the right direction for cybersecurity, but is only part of the solution. The most important task in the fight against cyber crime is finding a way to proactively prevent attacks from happening with the proper cybersecurity solutions and advanced encryption technology. Utilizing technology like Cyphre’s advanced BlackTIE® encryption not only provides secures sensitive cloud data, but renders most popular hacking techniques useless.