Working to clarify the role of federal government agencies in the event of a cyberattacks, the White House has released a new directive providing both a breakdown of responsibilities, and a rating system designed to communicate the level of severity, according to TechTarget SearchSecurity.
This directive is intended to clarify details regarding the federal cybersecurity incident response plan with respect to which agencies will take the lead on which types of incidents and situations, while also streamlining cooperation between agencies. Ed Hammersla, chief security officer for Forcepoint LLC, told SearchSecurity “there are many ways they could have divided responsibility; this plan is a great start. What’s most important is that they have published a plan for everyone to follow. The next step will be to see how the plan works, both in exercise scenarios and real life, so it can be refined.”
The rating system offers a set of six levels of severity, ranging from level zero, a baseline state defined as “unsubstantiated or inconsequential event”, up to level five, an event that “poses an imminent threat to the provision of wide-scale critical infrastructure services, national government stability, or to the lives of U.S. persons”.
“Dividing cybersecurity incidents into levels is of limited use,” Timothy Edgar, academic director for law and policy, and executive master in cybersecurity at Brown University told SearchSecurity. “Each cyber-incident is unique. We should spend very little, if any, time or energy worrying about whether an incident is a three or a five, and concentrate on what to do to make our computer systems more secure.”
Source:
