On July 26, 2016, President Obama issued Presidential Policy Directive/PPD-41 on United States Cyber Incident Coordination (“PPD-41” or the “Directive”). “Cyber incidents are a fact of contemporary life, and significant cyber incidents are occurring with increasing frequency,” the Directive states, giving “the private sector and government agencies . . . a shared vital interest” in preventing and responding to such incidents. To that end, the Directive, along with an accompanying fact sheet and annex, establishes guiding principles, clarifies lines of effort and assigns roles and responsibilities for the federal government’s response to significant cyber incidents that “demand unity of effort within the Federal Government and especially close coordination between the public and private sectors.” This Legal Update describes the Directive with a focus on those elements of particular interest to private sector entities.

Continue reading.