It has long been known how uncoordinated the United States government has been when faced with a cyber security incident, until now. The White House just released Presidential Policy Directive 41, addressing how the government will coordinate during a cyber-related incident:
The White House has come up with a severity scheme ranging from Level Zero for an inconsequential event to Level 5 for an emergency — or an attack that poses an “imminent threat” to critical systems such as the power grid, federal government stability or people’s lives. Level 2 is reserved for an incident that may affect public safety or national security. Level 3 moves into the realm of significant, for high-severity events that are likely to have a “demonstrable” impact on public safety or national security.
There has been no known incident that would be considered a Level 5, senior officials said. The suspected Russian cyberattack on Ukraine’s electric grid in December that caused widespread power outages probably would have been a Level 4 — a “severe” event that likely would result in “significant” harm to public safety or national security — if it had happened in the United States, the official said.
A level indicator sounds easy for the layman to comprehend, but determining which level is appropriate for a given incident is likely far too onerous for practitioners.