White House policy defines cyber roles

Shutterstock image: examining a line of code.

The White House has released a policy directive that delineates the roles of the Justice Department, the Department of Homeland Security and the Office of the Director of National Intelligence in responding to significant cyber incidents.

DHS Secretary Jeh Johnson said in a statement that President Barack Obama's Presidential Policy Directive 41 (U.S. Cyber Incident Coordination) answers the questions "Who's responsible within the federal government for cybersecurity?" and "Who in the government do I contact in the event of a cyber incident?"

Johnson added that PPD-41 is a crucial step toward bolstering the country's cybersecurity.

"It not only clarifies the roles of the various government actors involved in cybersecurity, it re-enforces the reality that cybersecurity must be a partnership between the government and the private sector, and among the law enforcement, homeland security and intelligence components of the government," he said.

PPD-41 delineates between threat and asset responses. A threat response involves investigating the crime to identify the bad guys, which falls within federal law enforcement's purview. Therefore, the Justice Department, through the FBI and the National Cyber Investigative Joint Task Force, will take the lead on threat-response activities.

The FBI said that in the event of a cyber incident, it will communicate with coordinators in the field to organize a multi-agency response. That threat response includes conducting an investigation that will collect evidence, gather intelligence, mitigate possible further threats, identify disruptive activities, and help share information and coordinate responders.

James Trainor, assistant director of the FBI's Cyber Division, said in a statement that "PPD-41 codifies the essential role that the FBI plays in cyber incident response, recognizing its unique expertise, resources and capabilities. And as the bureau continues evolving to keep pace with the cyberthreat, the authorities contained in PPD-41 will allow us to help shape the nation's strategy for addressing nationally significant cyber incidents."

Johnson said DHS' National Cybersecurity and Communications Integration Center will be the department's lead coordinator for asset response. The center will focus on helping victims of cyber incidents root out the bad guys on their systems, repair the systems, patch vulnerabilities, prevent the incident from spreading and reduce the risk of future problems.

ODNI, through its Cyber Threat Intelligence Integration Center, will be the lead for intelligence support and related activities.

The directive also put DHS in charge of the National Cyber Incident Response Plan, which will further delineate how the federal government will work with the private sector and state, local and territorial governments in responding to big cyber incidents.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at or follow him on Twitter at @MRockwell4.


  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.