The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) today announced its Joint Cyber Defense Collaborative (JCDC) initiative which to use collaboration to drive down cyber risks faced by Federal agencies, state and local governments, and the private sector.
The JCDC’s first two efforts will look to combat ransomware, and develop a plan to respond to cyber incidents targeting cloud providers, CISA Director Jen Easterly announced at Black Hat USA 2021 today.
“The JCDC presents an exciting and important opportunity for this agency and our partners – the creation of a unique planning capability to be proactive” rather than “reactive in our collective approach to dealing with the most serious cyber threats to our nation,” Easterly said in a release.
The JCDC will be responsible for helping integrate cyber capabilities across the Federal government, state, local, tribal, and territorial (SLTT) governments, and the private sector. The agency also announced the initial partners for the JCDC across the Federal and private sectors.
Specifically, the JCDC will look to:
- Facilitate coordination and implement cyber defense plans for the nation;
- Facilitate information sharing to allow for a joint understanding of cyber defense challenges and opportunities;
- Run coordinated cyber defense operations to prevent and reduce the impact of any cyber intrusions; and
- “Support joint exercises to improve cyber defense operations.”
The creation of the JCDC was suggested by the Cyberspace Solarium Commission, and is how CISA will operationalize the joint cyber planning office directed by the fiscal year 2021 National Defense Authorization Act, Easterly said.
“The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions, and the imagination to spark new solutions,” Easterly added. “With these extraordinarily capable partners, our initial focus will be on efforts to combat ransomware and developing a planning framework to coordinate incidents affecting cloud service providers.”
Among those industry partners, the JCDC will initially work with Amazon Web Services, Crowdstrike, AT&T, Google Cloud, FireEye Mandiant, Lumen, Microsoft, Palo Alto Networks, and Verizon. CISA said the JCDC is still looking to add more SLTT government and private sector partners.
On the Federal government side, CISA announced partnerships with the Department of Defense, U.S. Cyber Command, the National Security Agency, the Department of Justice, the FBI, and the Office of the Director of National Intelligence. The JCDC will also work with sector risk management agencies.
“Strong collaboration is key to preventing or mitigating the type of national cyber incidents we’ve seen proliferate over the last year,” Palo Alto Networks General Counsel Bruce Byrd said in a statement to MeriTalk.
“The Joint Cyber Defense Collaborative is focused on doing just that — bringing together technology leaders from across the private and public sector. Palo Alto Networks applauds the administration for establishing the JCDC, and for recognizing the innovative tools that private industry can bring to the mission. We’re proud to deepen our existing collaborative partnership to jointly protect our digital way of life,” Byrd added.