What the New Cyber Incident Policy Directive Means for Your Organization

What exactly is the difference between a run-of-the-mill cyber incident and a “significant” cyber incident? Your organization may or may not have had to ponder this question in the past, but the federal government certainly has — and it’s an important question to boot.

The distinction among severity levels will weigh heavily in the government’s response to cyber threats, and it will determine what is expected from organizations when they respond to a breach.

Classifying cyber threats by severity is a central concern of a policy directive President Barack Obama published this July. Building on this classification system, the policy outlines the actions the federal government must take in response to cyber security incidents. It sets out five key principles to guide the government’s response efforts. Here’s a closer look at these principles and what each of them aims to accomplish:

  1. Sharing responsibility: According to the directive, protection against cyber attacks is a responsibility that is shared among individuals, private-sector businesses and the government.
  2. Response according to risk: The government’s response to an incident will be based on severity, and incidents will be triaged to determine the severity level.
  3. Respecting affected organizations: When a private business is affected by a cyber attack, the government will protect the details of the affected organization to the extent allowed by law.
  4. Unifying the government’s efforts: Government agencies need to work collaboratively to effectively combat a security incident. The first agency to respond to an incident should notify others.
  5. Supporting rapid recovery: In responding to an incident, the government’s aim must be to help the affected party “return to normal operations” as quickly as possible.

Any organization that conducts business with the federal government must keep in mind the policy directive and the five principles the government will follow in responding to threats. Partnering with the government to share risk information and resolve incidents can benefit both the private and public sectors, but organizations must maintain adherence to these principles in their security efforts.

As an industry leader with a long history of experience with federal government security, Lunarline can help your organization ensure adherence to federal standards, whether that means full FedRAMP compliance, incident response improvements or enhancements in any other area of cyber security.

For more information, visit Lunarline online or contact one of our security experts today.

About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales," Lunarline doesn't let him off that easy. We make him do real work, too. Luckily, he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.