The Joint Cyber Defense Collaborative (JCDC) created in August by the Cybersecurity and Infrastructure Security Agency (CISA) has the potential to greatly help Federal government authorities and private sector firms better “connect the dots” on global threats in cyberspace, said National Cyber Director Chris Inglis in remarks on October 13 during CISA’s National Cybersecurity Summit event.
“I’m really pleased and proud that CISA is stepping up to create the Joint Cyber Defense Collaborative, which is a place where we can gather – private sector, public sector, multiple authorities, multiple perspectives – to try to figure out how do we collaborate, such that we can make it so that if you’re going to beat one of us in cyberspace, you need to beat all of us in cyberspace,” Inglis said.
In describing the hoped-for results from JCDC, Inglis recalled a major conclusion of Federal authorities from the 2001 terrorist attacks on the United States – that intelligence and law enforcement agencies were not able to share and integrate threat information well enough to predict and prevent the attacks.
“I think a really important lesson to take 20 years on was that no one of us at the time of 9/11 had a well-formed dot that we could have pushed across to say here’s the complete picture,” Inglis said.
“What we really needed to do is to put people together that had different jurisdictions and different insights” to combine their threat knowledge “in a way that we could better understand the terrorist threat,” he continued.
“Now 20 years on, we find that once again cyberspace itself is not a sanctuary – it’s a massively interconnected set of technologies, applications [and] jurisdictions, and we find that the propensity to want to connect the dots is just as strong as it was 20 years ago,” Inglis said. “And yet if that’s all we were to do it falls short, as it did 20 years ago.”
“No one of us has enough insight about the past … to know enough to form the dots to give us a complete picture of what a transgressor might be doing across territories, while we only see a piece of it inside of our territory,” he said.
“So the lessons of 9/11 that kind of carry through is that we need to actually combine our insights, our shards of insight, our hunches, in ways that we form dots together,” Inglis said.
“But there’s a further lesson from 9/11,” he said. “You may recall that at the time of 9/11, the government owned most of the tools to deal with terrorism.”
“Today most of those tools are in the private sector, and therefore while we have to form the dots together to have a big picture about what’s transpiring in cyberspace, we also need to imagine a collaboration in the concurrent application of all of our authorities … and capabilities, such that we can essentially create the situation where an adversary transgressor needs to beat all of us to be one of us,” Inglis said.
“At the moment, we’re not doing that particularly well on even our best days,” he said. “We find ourselves using insights that are derived simply from the territory that we occupy.”
“We don’t combine those as well as we might, or as well as we should, and we find ourselves responding with what authorities we enjoy singularly in our stovepipes,” he said. “We need to actually form dots together, we need to collaborate using all of our authorities, and again, achieve a bottom line where a transgressor needs to beat all of us to beat one of us.”