IN TODAY’S OPEN-SOURCE HEADLINES . . .
The natural follow-up to the run on open source reports related to cyberwar, cyber-soldiers, cyber-battlespace, cyberwar ethics, cyber-espionage, and the like is something along the lines of a cyber order of battle. Yesterday, the White House issued Presidential Policy Directive 41 (we’ll all remember it as PPD-41), “United States Cyber Incident Coordination,” and its annex, “Federal Government Coordination Architecture for Significant Cyber Incidents.” PPD-41 is the Commander-in-Chief’s cyberwar WARNO.
The FBI’s subsequent press release “Cybersecurity Policy Solidifies FBI as Key Cyber Leader” highlights its place in our nation’s task organization as the main effort of our cyber-defense quick reaction force. Apparently, the FBI’s pretty happy it will be “taking the lead on threat response activities.” Indeed, according to the release, FBI Asst. Director James Trainor said, “PPD-41 codifies the essential role that the FBI plays in cyber incident response, recognizing its unique expertise, resources, and capabilities.” Codifies. In other words, we’ve been saying it all along; now it’s official.
Federal Times’ Aaron Boyd provides an evolving interpretation and commentary of PPD-41. Nextgov’s Aliya Sternstein provides a good bit of analysis and broader context for PPD-41. And Computerworld’s Patrick Thibodeau offers the glass-is-half-empty critique: “doubts remain about whether feds have their cybersecurity act together.” And PPD-41 goes into a good deal of detail, so there’s nothing like reading it yourself.
SETTING THE SCENE
The preface to the main body of PPD-41 sets the stage of the rather dark general situation: “Cyber incidents are a fact of contemporary life, and significant cyber incidents are occurring with increasing frequency, impacting public and private infrastructure located in the United States and abroad.”
Paragraph II, Definitions, describes two types of cyber incidents to which the PPD applies. For instance, a Significant Cyber Incident is one that is “likely to result in demonstrable harm to the national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people.” Damn. The impact of a cyberwar just came home.
I suspect over the next several days we’ll see a number of articles deciphering various paragraphs and looking for secret messages about some impending or ongoing substantial cyberattack of which the general public is not yet aware (I’m only half-joking. It’s fair to begin wondering about that . . . I mean, if something like that was happening, I’m not sure most of us would have a need to know).