This Presidential Policy Directive released under the Obama administration outlines priorities for strengthening U.S. cybersecurity infrastructure. It focuses on describing the roles and responsibilities of various actors who act as stakeholders in the cyber domain, including multiple levels of government (Federal, state, local, tribal, and territorial (SLTT) entities) and public and private owners and operators of critical cyber infrastructure. By clarifying the roles of each of these actors, the directive aims to increase coordination and collaboration between them and improve the overall resilience of cybersecurity in the US. The report goes into particularly detailed descriptions of the role of the Secretary of Homeland Security, Sector-Specific Agencies, and the various departments of the federal government (ie. Depts. of State, Justice, Commerce, etc.). With regards to national policy, the directive identifies three main priorities for strengthening cybersecurity infrastructure: (1) to clarify relationships across the federal government (2) to enable effective information exchange through federal requirements, and (3) to implement a system for identifying vulnerabilities, performing risk assessment, and providing security recommendations for critical cyber infrastructure. Pursuant to this final point, the directive recommends that federal funds should support research and development in the areas of cybersecurity and design of critical cyber infrastructure.
