CISA unveils Joint Cyber Defense Collaborative with tech heavyweights as first private partners

Jen Easterly, the freshly installed head of the Department of Homeland Security’s (DHS’s) Cybersecurity and Infrastructure Security Agency (CISA), unveiled yesterday a new federal initiative called the Joint Cyber Defense Collaborative (JCDC) which has been structured to help lead the development of the country’s cyber defense plans. The JCDC aims to bring together the public and private sectors in a joint planning capacity to tackle cyber readiness and threats.

CISA’s announcement of the JCDC states that it will “bring together public and private sector entities to unify deliberate and crisis action planning while coordinating the integrated execution of these plans.”  The hope is that the plans will “promote national resilience by coordinating actions to identify, protect against, detect, and respond to malicious cyber activity targeting US critical infrastructure or national interests.”

The West Point-trained Easterly has a long career in the government, having served in the military, at US Cyber Command and the National Security Agency (NSA), and as senior director for counterterrorism on the National Security Council during the Obama administration. She also served a stint as head of global cybersecurity at Morgan Stanley. Speaking at the Black Hat conference, she appealed to the industry to help CISA refine the JCDC’s products to be more valuable and helpful.

Easterly relied on her military background to underscore the importance of planning in cybersecurity. “You got to plan in peacetime to prepare for wartime,” she said.

JCDC’s four tasks

Easterly said that the JCDC would primarily focus on four essential tasks:

• Share insights to create a shared situational awareness of the threat environment.
• Develop a whole of nation, comprehensive cyber defense plan to deal with significant threats to the nation.
• Work to implement these cyber defense plans into actual operations to reduce risk to the nation.
• Bring together the partners in the government and private sector to mature planning capability.

The JCDC is composed of representatives across the federal government including DHS, the Department of Justice (DOJ), Cyber Command, the NSA, the Federal Bureau of Investigation (FBI), and the Office of the Director of National Intelligence (ODNI). The JCDC will consult with voluntary partners, including state, local, tribal, and territorial (SLTT) governments; information sharing and analysis organizations and centers (ISAOs/ISACs); owners and operators of critical information systems; and other private entities.

Top cybersecurity and tech partners announced

CISA has lined up an impressive group of cybersecurity and tech partners in the private sector, including Crowdstrike, Palo Alto, FireEye, Amazon Web Services, Google, Microsoft, AT&T, Verizon, and Lumen, Easterly announced at the conference.  The federal government has taken a few swings at creating useful public-private partnerships in cybersecurity in the past. However, for the most part, these efforts have fizzled without much success. Easterly plans to change that, she said.

“My goal is to really help breathe new life into these arguably hackneyed terms turning public-private partnerships into public-private operation collaboration and information sharing [another long-sought-after but mostly unobtainable objective] into something that is timely and relevant,” Easterly said.

JCDC can offer organizations context

Easterly pitched the idea of private sector cooperation with CISA because of the relatively new agency’s ability to glean valuable insight from a wide swath of the federal IT infrastructure. This insight can help organizations to best position their cybersecurity resources. “We can provide context to what you are seeing on your network. As we know, context is for kings,” she said.

“Given where we are placed…we capture a holistic view of the threat landscape that we can provide to enable your understanding. Given our role in helping to protect civilian and government networks, we have a very large and unique cache of data that we synthesize and analyze to help put out actionable products and guidance.”

JCDC will concentrate on ransomware, IR for cloud providers

Easterly said that the JCDC will initially concentrate its efforts on two areas: combatting ransomware and developing a planning framework to respond to cyber incidents on cloud providers. She also highlighted CISA’s role in beefing up the nation’s cybersecurity workforce through continued scholarships, reskilling of professionals who want to enter the cybersecurity workforce and scaling up other initiatives such as K-12 cybersecurity education.

Businesses also need to step up their executive-level support of cybersecurity. “If you’re a business leader or working with your CEO, make sure you are treating cybersecurity not as the purview of the IT girls but as a significant business risk.  It’s incredibly important that businesses from the highest level make cybersecurity a top priority, from the board level, and that they empower, resource and ensure that your CISOs are getting what they need to effectively defend the network.”

JCDC Is a product of the Solarium Commission

Easterly said that the JCDC “was the product of the imagination of the fantastic Cyberspace Solarium Commission,” a bi-partisan intergovernmental body formed in 2019 to tackle complex cybersecurity problems. In a statement, Congressman Jim Langevin (D-RI), a senior member of the House Committee on Homeland Security and a member of the Solarium Commission, praised Easterly’s efforts, saying that the JCDC “is exactly the kind of aggressive, forward-leaning thinking we need to combat the ever-growing cyber threats that face our nation. By bringing together planning, threat analysis, and defensive operations activities, the JCDC will continue CISA’s rapid maturation.”

Regarding whether the JCDC can succeed where other cybersecurity public-private partnerships have failed, Langevin tells CSO that “the collaboration set forth by the JCDC is without precedent. Never before has the federal government partnered with the private sector beyond pure information sharing to jointly plan, analyze threat information, and conduct cyber defense operations.”

Langevin also says that he “looks forward to an [upcoming] CISA report on the designation of an Infrastructure Coordinating Center (ICC), another Solarium Commission recommendation, “which would appear to fit in well at the newly created JCDC. I’m also looking to authorize a joint collaborative environment for threat analytics, which should also be housed under the JCDC.”