August 18, 2017

August 17, 2017

Subscribe to Latest Legal News and Analysis

August 16, 2017

Subscribe to Latest Legal News and Analysis

August 15, 2017

Subscribe to Latest Legal News and Analysis

President Issues National Security Directive on Cyber Operations to Defend Government Networks; Executive Order Still Pending

According to news reports, President Obama has signed a directive to guide the actions of federal agencies in responding to cyber threats that explicitly permits actions outside government networks. President Policy Directive 20, which is not publicly available, reportedly directs agencies to take no more aggressive action than is necessary to address a threat. Under certain circumstances, however, the directive would permit the use of actions directed outside government networks—called “cyber operations”—but only for defensive purposes.

Traditional network defense strategies confined to government networks should continue to be the first response to cyber attacks, accompanied by outreach to law enforcement officials as needed. However, reports suggest that the presidential directive would permit defensive cyber actions outside government networks in some circumstances, subject to more stringent agency approval and, in many cases, the approval of the White House. This vetting process is intended to ensure that data and privacy are protected while also following the international laws of war.

The administration is still considering an executive order on cybersecurity issues that will likely address cybersecurity for private networks. Although the Senate had planned to take up cybersecurity legislation in the current lame-duck session, a vote to pass legislation in the Senate failed yesterday; the Senate may revisit the issue next month.

Copyright © 2017 by Morgan, Lewis & Bockius LLP. All Rights Reserved.


J. Daniel Skees, Electric Utilities Attorney, Morgan Lewis, Law Firm

J. Daniel Skees represents electric utilities before the Federal Energy Regulatory Commission (FERC) and other agencies on rate, regulatory, and transaction matters. He handles rate and tariff proceedings, electric utility and holding company transactions, reliability standards development and compliance, and FERC rulemaking proceedings. The mandatory electric reliability standards under Section 215 of the Federal Power Act are a major focus of Dan’s practice. He advises clients regarding compliance with reliability standards, and helps them participate in the development of new standards.