Cyber Incident Reporting: A Unified Message for Reporting to the Federal Government

Cyber Incident Reporting: A Unified Message for Reporting to the Federal Government

Presidential Policy Directive (PPD)/PPD-41, United States Cyber Incident Coordination, outlines the roles federal agencies play during a significant cyber incident. The Department of Homeland Security (DHS) is unique among agencies in that it plays a major role in both asset response and threat response. Asset response focuses on the assets of the victim or potential targets of malicious activity, while threat response includes identifying, pursuing, and disrupting malicious cyber actors and activity.

DHS’s Cybersecurity and Infrastructure Security Agency (CISA) is the lead agency for asset response during a significant cyber incident. CISA assists asset owners in mitigating vulnerabilities, identifies other entities that may be at risk, and shares information across the public and private sectors to protect against similar incidents in the future.

This fact sheet, Cyber Incident Reporting: A Unified Message for Reporting to the Federal Government, explains when, what, and how to report a cyber incident to the federal government.