As hackers hone their skills, businesses deal with cybersecurity concerns on a daily basis. Most major hacks to date have focused on a specific company or agency. But what if a large cyberattack were to occur on a national scale? Who would enforce cybersecurity measures and provide guidance to businesses on what to do and how to react?
Though some federal guidance is still being worked out, the following is a roundup of five agencies that have a role in ensuring cybersecurity and responding to cyber incidents:
The Federal Bureau of Investigation:
Until recently, the level to which the federal government could get involved in a major private sector cybersecurity incident was unclear. But last month, the White House issued a presidential policy directive (PPD) on cyber incident coordination. The PPD outlines the federal role and pledges that, in the case of a major private sector cybersecurity event, federal government responders will safeguard sensitive private sector information and abstain from interfering while remaining informed of the affected organization's response.
The PPD also directs that, in the event of a cybersecurity incident or threat, the FBI and the National Cyber Investigative Joint Task Force will take the response lead.
A "relevant sector-specific agency" will also work with the federal government to help it understand "potential business or operational impact of a cyber incident on private sector critical infrastructure."
Through the PPD, the White House also promised that the Department of Homeland Security and the Department of Justice will develop a fact sheet outlining how private individuals and organizations can work with federal agencies in response to a cyber incident.
Federal Trade Commission:
Over the past decade, the FTC has established itself as the government’s chief cybersecurity enforcer when it comes to protecting consumers from a data breach. The FTC has sued several private-sector companies, including LabMD and Wyndham Hotels, for allegedly failing to protect consumer data because of lacking cybersecurity practices.
Some private companies have challenged the FTC’s authority to police cybersecurity shortcomings. LabMD's CEO and others have said Congress did not give explicit directions for the agency to go after companies with weak security measures. But the FTC then reversed an administrative law judge's decision from last November that had dismissed FTC charges against LabMD.
The reversal concludes that LabMD’s data security practices were unreasonable and constitute an unfair act or practice that violated Section 5 of the Federal Trade Commission Act. The reversal also underscored the fact that the FTC can in fact act to protect consumers from data mismanagement.
Department of Homeland Security:
The Department of Homeland Security conducts criminal investigations, develops standardized cybersecurity methods, and shares cyber response best practices and tools with other federal agencies.
Branches of DHS, such as the U.S. Secret Service and U.S. Immigration and Customs Enforcement (ICE), also have special divisions dedicated to combating cybercrime.
U.S. Secret Service:
The U.S. Secret Service controls the Electronic Crimes Task Forces, which works to find international cybercriminals. According to the agency’s website, the Secret Service’s Cyber Intelligence Section has "directly contributed to the arrest of transnational cybercriminals responsible for the theft of hundreds of millions of credit card numbers and the loss of approximately $600 million to financial and retail institutions."
The Secret Service also runs the National Computer Forensic Institute, which delivers cyber training to law enforcement officers to help them fight cybercrime.
National Institute of Standards and Technology (NIST):
NIST is a non-regulatory federal agency within the U.S. Department of Commerce. Thanks to the recently-created Commission on Enhancing National Cybersecurity, NIST is now getting more involved in helping shape cybersecurity practices.
In February, President Obama requested $19 billion for federal cybersecurity initiatives to help secure the government, critical infrastructure and "important technologies."
"I have charged the Commission on Enhancing National Cybersecurity with the critically-important task of identifying the steps that our nation must take to ensure our cybersecurity in an increasingly digital world," Obama said in a statement.
As part of the comission, the Secretary of Commerce was tasked by the President to direct the Director of NIST to provide the commission with "cybersecurity expertise, services, funds, facilities, staff, equipment and other support services as may be necessary to carry out its mission.
Recently, NIST asked for public comment on a wide range of cybersecurity topics. The goal is to eventually make recommendations to strengthen cybersecurity in both the public and private sectors. To craft the guidance, the commission is drawing on the public's knowledge of cybersecurity, particularly from "those who have experienced significant cybersecurity incidents to understand lessons learned from these experiences." The effort is part of an overall strategy to maintain a "cyber environment that encourages efficiency, innovation and economic prosperity."
The commission is seeking more information about critical infrastructure cybersecurity, cyber insurance, cybersecurity R&D and the Internet of Things, among other topics.