The IT Law Wiki


The White House, Presidential Policy Directive 41 (PPD-41): United States Cyber Incident Coordination (July 26, 2016) (full-text).


This Presidential Policy Directive (PPD) sets forth principles governing the Federal Government's response to any cyber incident, whether involving government or private sector entities. For significant cyber incidents, this PPD also establishes lead Federal agencies and an architecture for coordinating the broader Federal Government response.

This PPD further requires the Departments of Justice and Homeland Security to maintain updated contact information for public use to assist entities affected by cyber incidents in reporting those incidents to the proper authorities.

It also directed the formation of a cyber unified coordination group (UCG) to coordinate incident response efforts for the most serious incidents.

This Directive clarifies responsibilities when there is a cyber event by designating the U.S. Department of Justice (DOJ) as the lead investigator, DHS as the lead on asset protection, and the Office of the Director of National Intelligence to lead intelligence support activities. The intent is to better safeguard U.S. national interests by improving cooperation and coordination across sectors.

See also[]