A new policy recently rolled out by the White House gives some federal agencies as little as 24 hours to assess the impact of a cyber attack and report the attack if it reaches a level of major concern.
CNN, which obtained a copy of the memo released by the White House National Security Council (NSC), said the policy applies to national security and intelligence agencies, including the FBI, and gives some agencies only 24 hours to report to the White House a cyber attack that they assess as “a national security concern.”
A US official told The Hill on Friday that the memo was “a common process and methodology to help the US government speak with one voice – nothing more and nothing less.” It provides the framework for the NSC to perform an initial assessment to determine whether a cyber incident reaches the level of a national security issue. In many incidents, this assessment will change over time.
“Throughout the year, we have worked to refine and strengthen the federal government’s response to all cyber incidents in a more uniform and whole-of-government manner,” the official said. “This continues to be our goal – we learn from every incident and refine our approach to incident management to be faster and better every time.”
The policy comes after a difficult year of major ransomware attacks on companies, including Colonial Pipeline and JBS USA, as well as the SolarWinds hack, which allowed Russian government-linked hackers to compromise at least nine federal agencies for most of 2020.
The administration has taken a series of measures to strengthen the country’s cybersecurity since President Biden took office. These include Biden’s signing of a cybersecurity-focused executive order in May, the imposition of sanctions on Russia in April in retaliation for the SolarWinds breach, and the convening of the Ransomware Initiative to unite dozens of nations to fight ransomware attacks.
While the administration has taken action against various countries over cyber incidents, including Biden’s meeting with Russian President Vladimir Putin in June, when cybersecurity was a key topic, the US official told The Hill on Friday that the new policy was not focused on any particular country.
“Our process is not driven by country or incident, but rather by a commitment to have an effective process that will protect the American people and our critical infrastructure,” the official said.
The memo was also released as members of Congress on both sides of the aisle scramble to pass legislation that could create a form of mandatory cyber incident reporting for critical infrastructure groups. Federal officials have repeatedly lobbied for the policy, arguing the need for greater transparency in the face of threats facing the private sector.
The US official said on Friday that the memo was part of the administration’s efforts to achieve greater transparency into attacks targeting the nation.
“I wouldn’t attempt to characterize or predict what our response would be to any incident in advance – we don’t, which is exactly why we created an orderly process to do these types of assessments,” the official said. “This is exactly what the American people should expect from their government, that we will make informed professional judgments on complex incidents. Then, informed by this assessment, we will take all necessary measures to ensure the security of the nation.”