CISA Stands Up Joint Cyber Defense Collaborative

The Cybersecurity and Infrastructure Security Agency will work with agency stakeholders and new private-sector partners to minimize the risk of cyber incidents and better coordinate defensive actions if successful attacks occur under a new effort announced Thursday.

The Joint Cyber Defense Collaborative, or JCDC, will aim to take a proactive approach to cyber defense in the wake of several high-profile breaches that affected the federal government and public, according to CISA Director Jen Easterly.

“The unique value add of the JCDC is to create a proactive capability for government and private sector to work together closely before an incident occurs to strengthen the connective tissue and ensure a common understanding of processes,” said Easterly, speaking at the Black Hat security conference in Las Vegas.

In a statement following her remarks, Easterly said the group’s initial focus will be on combating ransomware and planning a framework to coordinate incidents impacting cloud service providers.

 “The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions, and the imagination to spark new solutions,” Easterly said in the statement.

JCDC will be charged with designing and implementing whole-of-nation cyber defense plans, sharing insights to stakeholders, coordinating defensive cyber operations and conducting joint exercises to improve cyber defense operations 

Initial industry partners include Amazon Web Services, AT&T, CrowdStrike, FireEye Mandiant, Google Cloud, Lumen, Microsoft, Palo Alto Networks and Verizon.

Rep. Jim Langevin, D-RI, a senior member of the House Committee on Homeland Security and member of the Cyberspace Solarium Commission, said the JCDC is “exactly the kind of aggressive, forward-thinking we need to combat the ever-growing cyber threats that face our nation.” In a statement, Langevin said the JCDC “brings together our [Cyberspace Solarium Commission] recommendations about planning, intelligence fusion and cybersecurity operations in a visionary way.”

The Joint Cyber Defense Collaborative will house the Joint Planning Office, which Congress has authorized and eventually—if passed this year, as lawmakers like Langevin hope—the Joint Collaborative Environment, an aide for Langevin said. The Joint Collaborative Environment was excluded from the last National Defense Authorization Act after opposition from the Trump administration and some industry groups.

Current government partners in the effort thus far include the Department of Defense, U.S. Cyber Command, the National Security Agency, the Department of Justice, the Federal Bureau of Investigation and the Office of the Director of National Intelligence.