Presidential Policy Directive 20 (PPD 20)
PPD 20 provides a framework for US cyber security by establishing principles and processes. Started in 2012, this directive supersedes National Security Presidential Directive NSPD-38.
The directive complements NSPD-54/Homeland Security Presidential Directive HSPD-23.
This directive pertains to cyber operations, including those that support or enable kinetic, information, or other types of operations.
Most of this directive is directed exclusively to defensive and offensive cyber effects operations: DCEO and OCEO.
National Security Presidential Directive 54 (NSPD 54)
Started in 2008, NSPD 54 was issued concurrently as Homeland Security Presidential Directive 23.
The NSPD 54/HSPD 23 authorized the DHS (together with OMB) to set minimum operational standards for Federal Executive Branch civilian networks.
It empowers DHS to lead and coordinate the national cyber security effort to protect cyberspace and the computers connected to it.
The directive contains the Comprehensive National Cybersecurity Initiative (CNCI), (EPIC 2018).
Comprehensive National Cybersecurity Initiative (CNCI)
Started in 2008, CNCI now works nationally to support full spectrum cyber operations.
The main actions of the CNCI are, (Pernik and Wojtkowiak 2016):
Create or enhance shared situational awareness within federal government, and with other government agencies and the private sector.
Create or enhance the ability to respond quickly to prevent intrusions.
Enhance counterintelligence capabilities.
Increase the security of the supply chain for key information technologies.
Expand cyber education.
Coordinate and redirect research and development efforts.
Develop deterrence strategies.