Cybersecurity memo standardizes federal incident response

A recently released memorandum signed by President Biden outlines security protocols for national security systems, which face a different set of obstacles when dealing with highly sensitive and classified data.

The memo, "Memorandum on Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems," shifts the reporting structure regarding cybersecurity within the federal government, requiring departments and agencies managing national security to communicate with the Director of the National Security Agency (NSA), who also holds the title of National Manager.

"In terms of prioritization, if the National Manager needs to say, 'Departments and agencies, Log4j is a huge problem, you need to deprioritize everything relative to this and go out and fix it,' this actually gives them the authority to do that," says Greg Bednarski, Chief of Cybersecurity Policy and Strategy at NSA.

The memo also establishes a federal playbook for managing cybersecurity incidents, aiming to increase standardization and transparency throughout federal departments. "All departments and agencies will really be graded against their ability to respond both in training as well as in real cybersecurity events — not just to their secretary level, but also up to the White House level," says Bednarski.

Madeline Lauver is the Editor in Chief of Security magazine. Lauver joined Security in 2021 as its Assistant Editor, and she covers news affecting enterprise security leaders, including physical security, cybersecurity, leadership and management, risk and resilience and more. Within her role at Security, Lauver focuses on news articles, web exclusives, features and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content. Lauver graduated in 2019 with a B.A. in English, German and Media Studies from Kalamazoo College.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.