White House outlines how the US will respond to cyberattacks

Color-coded threat levels are back.

Reuters/Larry Downing

The US government is understandably worried about cyberattacks as of late, and it's now setting some ground rules for how it responds to those digital intrusions. A newly approved Presidential Policy Directive details just how officials will coordinate responses to hacks and other "cyber incidents." including its basic principles, outlining procedures and creating mechanisms that link the actions that link government divisions. Provided everything goes according to plan, officials would not only learn to share responsibility and resources when fending off attacks, but better understand the risks associated with a given crisis.

The policy also resurrects something you might have forgotten about since President Bush Jr. left office: color-coded threat levels. A new Cyber Incident Severity Schema gives the government a sense of just how seriously an attack might threaten everything from national security to foreign relations and "public confidence." If it's determined to be a green- or yellow-level risk, it's unlikely to do serious damage. There's a very tangible concern if an attack is labeled orange or red, and you'd better hope that you never see a black-rated attack -- that's an "imminent threat" where lives and critical infrastructure are in danger.

Once everything falls into place, you won't see too many conspicuous examples of the directive in action. Even the schema is meant more for internal use than alerting the public. However, you'll know that it's working if the feds spend less time scrambling to react to a cyberattack and more time setting things right, whether they're upgrading defenses or helping victims.

Cyber Incident Severity Schema