Melissa Hathaway, acting senior director of cyberspace for the National Security Council, said Wednesday that she and her team have begun a nation cyberattack response plan to be released by the end of this year. Hathaway headed the 60-Day Cyberspace Policy Review in May and is a contender for the yet-to-be-named cyber coordinator position. The 60-Day report called for the cyber coordinator to create an emergency response plan in the event of a cyber attack.
The plan will establish the role and responsibility of government and business in the event of a cyber attack and create a public-private partnership. A draft of the response plan is scheduled to be released by the fall to give the private sector time to comment and the final report finished by December 31st. The cyberspace team will be working with Aneesh Chopra, White House Chief Technology Officer, to create a ‘wiki’ forum for the private sector to critique the cyberattack response plan.
“I think there’s a number of things government hasn’t thought about that should be [incorporated] into the plan,” Hathaway explained at a conference hosted by Symantec.
Hathaway also said that the White House will be reviewing the legal implications that companies face in the event of a cyberattack.
“We’ve identified scores of legal issues that will take the entire term or two terms for the president to resolve,” said Hathaway. “We’re working with the Justice Department and Congress to [establish] laws and policies that would clarify this space. We need to address this, because we need to be able to share data to secure our environment.”
Once the Cyberattack Plan is completed, a trial test will be conducted by the Department of Homeland Security to evaluate the response plan as well as open discussions of improvement to the state and local governments.