Citing sources it did not name, The Washington Post reported Wednesday the president signed a secret directive in mid-October, setting new standards for federal agencies dealing with the threat of cyberattacks.
Presidential Policy Directive 20 draws a distinction between network defense and cyber operations outside of networks "for what might be called defensive purposes," a senior administration official told the newspaper.
The directive, which updates policy established in 2004, is part of a broader Obama administration effort to deal with cyberthreats, the Post reported.
"It should enable people to arrive at more effective decisions," a second senior administration official told the newspaper.
The White House is also working on an executive order to protect private networks from attack and legislation to that effect is under consideration in Congress, the Post said.
James A. Lewis, a cyber expert at the Center for Strategic and International Studies, said the new policy directive shows the United States is "not going to be a bystander anymore to cyberattacks."