Page 13 - index
P. 13







for thresholds of escalation for cyber events that could become an incident of national or global
consequence.

The details would include clarity around the roles and coordination of various cyber centers
across the federal government. It would also provide clarity around the intersections between
homeland security, national defense, law enforcement and other stakeholders, considering their
respective missions. In addition, these “playbooks” would outline the relationship, collaboration,
and point of participation for private sector owners and operators.

Each of these issues had been previously identified in the findings and conclusions included in
the After Action Reports from the Cyber Storm national level exercises, as well as through real
life experience. In addition, the issue of legal and legislative authorities was a topic identified as
requiring continued attention and clarity.

So…In 2009, the collaborative public/private effort produced a draft NCIRP that was forwarded
to the federal interagency process. At the time, the interagency process would include review by
federal departments and agencies that would likely produce recommendations for additions,
deletions, and revisions to the draft. The private sector representatives were not included in
further deliberations.

In 2010, the White House released a draft Interim NCIRP. That was four years ago, and as of
2014, we have not progressed beyond that draft to finalize a strategic approach to incident
response and consequence management at a national level for cyber events that may have
National or Global consequence. There has been no subsequent collaboration between
government and the private sector critical infrastructure owner operator community in
developing the “playbooks.”

The lack of clarity around respective roles, responsibilities, and authorities continues to be a gap
that has been further documented in After Action Reports associated with Cyber Storm III
(2010) and National Level Exercise 2012.

During President Obama first term, a comprehensive study was commissioned and released
entitled, the President’s Cyberspace Policy Review in May 2009 that included, 10 Near Term
Action Items and a series of longer-term actions.

In late 2008, the President’s National Security Telecommunications Advisory Committee
(NSTAC) under President Bush, was directed to examine the need for, feasibility of, and
impediments to, a joint, integrated, public–private operational capability for cyber to improve
detection, prevention, and mitigation through information sharing, analysis, and collaboration to
achieve timely, reliable, and actionable situational awareness.

The Report of the NSTAC Cybersecurity Collaboration Task Force and its recommendation to
create such a capability to include the federal government and cyber centers, industry, state &
local government, and our international allies, was delivered to the newly elected President
Obama in May 2009. That Report was a key foundational component of the creation of the



13 Cyber Warnings E-Magazine – October 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide

   8   9   10   11   12   13   14   15   16   17   18