White House Unveils Color-Coded Scale for Cyber Security Threats

By Eric Noonan • July 29, 2016

On July 26, the Obama administration released a framework for incident handling around cyber-attacks.  The framework is part of the Presidential Policy Directive on United States Cyber Incident Coordination and action plan that was released in February of this year.  It provides a clear standard of when and how government agencies will handle cyber security incidents. Included in the directive is a new color-coded scale that assigns specific colors and response levels to the danger of a cyber-attack.

White-House.png

The intent of the color-coded scale and directive will ensure that the agencies that are responsible for handling cybersecurity, respond to incidents and threats with the “same level of urgency and investment.”  The scale is broken out into different levels, each representing a severity.  Level 0 (White), is considered unsubstantiated, while level 5 (Black) is considered an emergency and the attack poses an imminent threat to the provision of wide-scale critical infrastructure services, national government stability, or to the lives of US persons.  An incident that ranks at level 3 or above is considered significant and triggers the coordination of the Departments of Justice and Homeland Security, as well as the Office of the Director of National Intelligence.  Also, the organizations that are involved in the incident contribute to the response of the attack.

How will your organization be able to respond to a cyber-attack?  Let CyberSheath assess your capabilities so you can move your security program from a reactive to a proactive, well-defined security operation.

Cybersheath Blog

3 Reasons Why You Need a Privileged Access Risk Assessment

A privileged account is one used by administrators to log in to servers, networks, firewalls, databases, applications, cloud services and other systems used by your organization. These accounts give enhanced permissions that allow the privileged user to access sensitive data or modify key system functions, among other things. You can…

Incident Response – Learning the Lesson of Lessons Learned

“Those who do not learn from history are condemned to repeat it.” Over the years, variations of this famous quote have been spoken by everyone from philosophers to world leaders. The message — that we must learn from our mistakes or continue to repeat them — is also highly relevant…

What is DFARS 252.204-7012 and NIST SP 800-171?

With the Department of Defense (DoD) promising the release of an update to NIST Special Publication 800-171, it is imperative defense contractors understand what DFARS 252.204-7012 and NIST SP 800-171 Clause is and how noncompliance with the Clause will impact their business.  Compliance is mandatory for contractors doing business with…

Our Trusted Partners

Cyberark McAfee Thycotic RSA Tenable Alien Vault Alert Logic Trace Security