With cyber threats on U.S. networks continuing to rise, the White House is in talks to determine when a cyber incident warrants a federal response.
Taking retributive action against individual and nation-state-sponsored hackers comes with risk, advised White House Cybersecurity Coordinator Michael Daniel during a speech Thursday at the RSA Conference in San Francisco.
“It’s really a question that we’re still debating and debating vigorously,” said Daniel. “The risk of misattribution, miscalculation and escalation in cyberspace are very real. As a government, any action we take in cyberspace must be considered against possible foreign policy implications and our desire to establish international norms of acceptable behavior in cyberspace.”
“We don’t want to create a truly unstable new normal that would tell other countries that it’s okay to intervene on U.S. networks, something that advocates of hacking don’t often stop to think of,” he added.
Yet, while the White House continues to the debate the issue, the heads of key U.S. security agencies have already stepped up to chart out their own roles in securing the nation’s networks from attacks.
According to Federal Bureau of Investigation Director Robert Mueller, he recently participated in a series of meetings with Department of Homeland Security Secretary Janet Napolitano and National Security Agency Director Gen. Keith Alexander to clear up any “confusion” on the roles of the three agencies.
“The FBI’s role, operating domestically, is to anticipate, investigate, attribute and disrupt cyber intrusions affecting the United States,” explained Mueller in a keynote at the RSA Conference. “NSA’s role is to gather intelligence on foreign cyber threats and to protect national security systems. DHS’s role is to protect our critical infrastructure and our networks, to coordinate mitigation and recovery from major cyber intrusions, and to disseminate threat information across various sectors.”
“Our agencies operate under separate authorities and have different roles to play,” Mueller added. “Yet we also understand that we must work together on every substantial intrusion and share information among the three of us.”
Mueller went on to describe the private sector as an “essential partner” in securing U.S. networks and encouraged increased partnerships to boost cyber threat awareness and information sharing.