National Cyber Incident Response Plan Coming

The FBI, meanwhile, is continuing to grow its large core of "cyber-trained" investigators, said Steven Chabinsky, deputy assistant director within the FBI's cyber division. Currently, more than 2,000 Special Agents have received specialized cyber training, and more than 1,000 are trained to deal with the most sophisticated investigations. In the last fiscal year alone, the FBI sent out more than 1,800 cyber intelligence reports and analytics reports to the intelligence community, military and Department of Homeland Security.

The FBI is also increasing its collaboration with the private sector. Earlier this year, for example, it worked with the financial services industry to forge a set of best practices for preventing fraud in Automated Clearing House transactions.

None of the government officials would say that they are satisfied with the existing legal structure for combating cyber attacks, and Associate deputy attorney general James Baker explicitly said he wasn't satisfied. The Department of Justice and other agencies are in the midst of debating whether to propose changes to the legal regime, and if so, how to do so.

"We don’t want to make mistakes because this is a very complicated area," Baker said. "There are many statutes you have to consider, but also foreign law. We are very cognizant of the need to review these authorities very closely."

DHS is also involved in policy discussions, including helping to develop the right international framework for responding to state-sponsored cyber attacks. "We need closer relationships with allies," Reitinger said.

InformationWeek Analytics has published a guide to the Open Government Directive and what it means for federal CIOs. Download the report here (registration required).