North Korea's threats against the U.S. have brought a heightened sense of awareness around cyber threats, according to current and former government officials, operators of critical industrial systems, and other experts.
The U.N. Security Council last week approved new sanctions against Pyongyang, prompting vows of retaliation, specifically against the U.S.
Sources said the programs and entities ready to swing into action include Department of Homeland Security coordinating structures and information-sharing programs, the National Cyber Incident Response Plan, an interagency cyber coordinating group established during the Obama administration, and the Cyber Threat Intelligence Integration Center, or CTIIC, among others.
"The systems are in place, but they are not as mature as they should be," said one source with experience in the executive branch and the private sector.
"The CTIIC is probably working a lot of overtime right now," said a former high-ranking administration official, who added that the center would disseminate information about the North Korean threat "so policymakers have a comprehensive view."
The federal government has "a duty" to get related information, possibly sanitized to meet the recipients' clearance levels, into the hands of infrastructure contacts, the source noted. That information would go out through DHS or law enforcement agencies.
"The communication channels with the private sector are way better than they used to be," the former ranking administration official said.
Some of these programs have faced criticism in the past over the perceived inadequacy of coordination with the private sector, and they could be tested if the North Korea situation escalates.
"The North Korea threat is the most scary and the most direct," the source with government and private-sector experience said. "If there is a conflict, a lot of it will be fought in cyberspace. This is not a drill, it's real-world."
One source close to a critical-infrastructure group said, "So much time and effort has been invested in bringing cyber policy up to a point where various parties know how important it is. I'd like to believe we'd bring a coordinated response and handle ourselves well in a crisis."
But the source acknowledged that "countless breaches" over the years have put sensitive information about critical infrastructure systems into the hands of "foreign adversaries."
"That is known, and they can steal other information too," the source said. "That's just the reality we're living in. As the clock ticks, it seems like we're getting closer and closer to something happening. That could apply to electricity, gas, water, you name it."
That also raises the issue of deterrence, an unsettled topic in cyber policy circles that continues to generate debate. Situations like the standoff with North Korea increase pressure on policymakers to address cyber deterrence more clearly.
"A lot of that is still undefined," the former high-ranking administration official said. "On cyber, there isn't really the same thing as what we show on the traditional military side, where we don't tell the adversary about the specifications of our Aegis destroyers but we let them know they are there. We haven't figured out how to do that on the cyber side."
This former official called for more "transparency" about both capacities and doctrine in cyberspace as a way to deter foes and reassure allies.
Charlie Mitchell is editor of InsideCybersecurity.com, an exclusive service covering cybersecurity policy from Inside Washington Publishers, and author of "Hacked: The Inside Story of America's Struggle to Secure Cyberspace," published by Rowman and Littlefield.