The Cybersecurity and Infrastructure Security Agency (CISA) launched a new effort, called Joint Cyber Defense Collaborative (JCDC) to lead the development of the nation’s cyber defense plans by working across the public and private sectors to help defend U.S. critical infrastructure.
With the latest initiative, CISA aims to promote coordination across federal agencies, state, local, tribal and territorial (SLTT) partners, and private sector entities to identify, protect against, detect, plan for and respond to malicious cyber activity targeting U.S. critical infrastructure, according to the CISA. The JCDC’s mission for unifying cyber defense will complement existing efforts by law enforcement and the intelligence community. It also strives to drive down risk before an incident and to unify defensive actions should an incident occur.
The functioning of the JCDC depends on close partnerships with critical infrastructure companies, as the nation sets out to secure these frameworks from cyber attacks and hackers, CISA said. The federal government, SLTT governments, and the private sector work tirelessly to strengthen defensive posture, but it cannot be done alone. As a community, the JCDC will deploy innovation, collaboration, and imagination to protect American businesses, government agencies, and people against cyber intrusions.
The JCDC will integrate appropriate representatives from the public and private sectors, including interagency partners, SLTT governments, ISAOs/ISACs, and critical infrastructure owners and operators. Additionally, the JCDC will consult with appropriate cyber threat intelligence (CTI) providers to protect, defend, and respond to significant cyber attacks.
An ISAO (information sharing and analysis organization) is any entity or collaboration created or employed by public or private sector organizations, for purposes of gathering and analyzing critical cyber and related information, in order to better understand security problems and interdependencies related to cyber systems, so as to ensure their availability, integrity, and reliability, while an ISAC (information sharing and analysis center) is a nonprofit organization that provides a central resource for gathering information on cyber threats to critical infrastructure and providing two-way sharing of information between the private and public sector.
Government partners will include the Department of Defense (DoD), U.S. Cyber Command, the National Security Agency (NSA), the Department of Justice (DOJ), the Federal Bureau of Investigation (FBI), and the Office of the Director of National Intelligence (ODNI), with sector risk management agencies, according to CISA. Initial industry partners participating in the JCDC include Amazon Web Services (AWS), AT&T, CrowdStrike, FireEye Mandiant, Google Cloud, Lumen, Microsoft, Palo Alto Networks, and Verizon, it added.
The JCDC will design and implement comprehensive, whole-of-nation cyber defense plans to address risks and facilitate coordinated action, share insights that help shape joint understanding of challenges and opportunities for cyber defense, implement coordinated defensive cyber operations to prevent and reduce impacts of cyber intrusions, apart from supporting joint exercises to improve cyber defense operations.
The JCDC initiative will provide CISA and its partners an opportunity to plan, enabling it to be proactive instead of reactive in the nation’s collective approach to deal with the most serious cyber threats that target U.S. critical infrastructure.
“The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions, and the imagination to spark new solutions,” CISA Director Jen Easterly said in a press statement. “With these extraordinarily capable partners, our initial focus will be on efforts to combat ransomware and developing a planning framework to coordinate incidents affecting cloud service providers.”
SLTT stakeholders will be invited to share state and local cyber risk information with the JCDC, including long-term priorities for critical infrastructure risk reduction, to inform on the development of national-level joint cyber defense operations plans, according to CISA. The JCDC will incorporate SLTT authorities and capabilities into the JCDC planning framework and assist with the coordination of national cyber defense operations, and plan execution at the state and local levels.
Critical infrastructure owners and operators will be invited to share information related to threat activity, vulnerabilities, and incidents affecting critical infrastructure. The JCDC will collaborate with critical infrastructure owners and operators to support the development of long-term plans to manage cyber risk and increase the resilience of critical infrastructure, incorporate capabilities into the JCDC planning framework, and support the execution of cyber defense plans, according to the security agency.
CISA said that the JCDC will also rope in industry and academia partners to bring in their insights, capabilities, and resources that support the agency’s cyber-defense planning efforts.
Last week, U.S. President Joe Biden set up a voluntary industrial control systems (ICS) initiative that envisages collaboration between the federal government and the critical infrastructure community to significantly improve the security of the critical systems. The White House has also signed a national security memorandum that will enhance security for critical infrastructure control systems, focused on building cybersecurity and resilience of these systems.