The National Security Council has invoked an Obama-era presidential directive to create a Cyber Unified Coordination Group to manage the federal government’s response to the breach of the SolarWinds Orion suite at multiple agencies. The directive provides an outline for how the federal government should respond to “any cyber incident” that is “likely to result to in demonstrable harm” to national security, the economy, civil liberties, public health or the general public’s safety. In addition to the initially reported Departments of Commerce and the Treasury, the State Department, National Institutes of Health, and some Department of Defense organizations were affected.
