Page 53 - Cyber Warnings
P. 53
Conversely, for “significant cyber incidents,” the Directive establishes lead Federal agencies and
an architecture for coordinating the broader Federal Government response to the incident.
Specifically, PPD-41 assigns lead response roles for:
Investigation/Information Sharing: The Department of Justice, acting through the Federal
Bureau of Investigation and the National Cyber Investigative Joint Task Force, will lead
the “threat response activities,” which include investigative activity, providing attribution,
linking related incidents, identifying threat pursuit and disruption opportunities, and
facilitating information sharing and operational coordination with asset response.
Asset Protection: The Department of Homeland Security will lead “asset response
activities,” which include furnishing technical assistance to affected entities, mitigating
vulnerabilities, reducing impacts of cyber incidents; assessing potential risks to the
sector or region; facilitating information sharing and operational coordination with threat
response; and providing guidance on how best to utilize Federal resources and
capabilities in a timely, effective manner to speed recovery.
Intelligence Support: The Office of the Director of National Intelligence, through the
Cyber Threat Intelligence Integration Center, will lead “intelligence support,” which
includes building situational threat awareness and sharing related intelligence; the
53 Cyber Warnings E-Magazine – August 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide