U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


  1. Home
  2. About Us
  3. Site Links
  4. Archived
  5. News Archive
  6. Statement By Secretary Jeh C. Johnson Regarding PPD-41, Cyber Incident Coordination

Archived Content

In an effort to keep DHS.gov current, the archive contains outdated information that may not reflect current policy or programs.

Statement By Secretary Jeh C. Johnson Regarding PPD-41, Cyber Incident Coordination

Release Date: July 26, 2016

For Immediate Release
DHS Press Office
Contact: 202-282-8010

As Secretary of Homeland Security, I am often asked “who’s responsible within the federal government for cybersecurity? Who in the government do I contact in the event of a cyber incident?”

Today, President Obama’s Presidential Policy Directive/PPD-41, United States Cyber Incident Coordination, clarifies the answer to these questions.  The PPD spells out the lines of responsibility within the federal government for responses to a significant cyber incident, and specifies who to contact in the government in the event of an incident.  The PPD delineates between “threat responses” and “asset responses.” A “threat response” essentially involves investigating the crime, so that we can hunt down the bad actor.  As the PPD spells out, federal law enforcement is the key point of contact for a threat response.  The Department of Homeland Security, through our cybersecurity experts at the National Cybersecurity and Communications Integration Center, will act as the point of contact and lead coordinator for asset response.  “Asset response,” like a threat response, is crucial.  It involves helping the victim find the bad actor on its system, repair its system, patching the vulnerability, reducing the risks of future incidents, and preventing the incident from spreading to others.

Finally, the PPD directs the Department of Homeland Security to lead the effort to write the National Cyber Incident Response Plan.  This Plan will set out how the federal government will work with the private sector and state, local, and territorial governments in responding to a significant cyber incident.

Today’s PPD is one more crucial step by the Obama Administration to improve our nation’s cybersecurity.  It not only clarifies the roles of the various government actors involved in cybersecurity, it re-enforces the reality that cybersecurity must be a partnership between the government and the private sector, and among the law enforcement, homeland security and intelligence components of the government.


Last Updated: 09/21/2018
Was this page helpful?
This page was not helpful because the content