Earlier this month, the US Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of the Joint Cyber Defense Collaborative (JCDC). The JCDC aims to better integrate the response of the private sector and federal and local government organs in response to cyber attacks.
According to CISA Director Jen Easterly:
“The JCDC presents an exciting and important opportunity for this agency and our partners – the creation of a unique planning capability to be proactive vice reactive in our collective approach to dealing with the most serious cyber threats to our nation […] The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions, and the imagination to spark new solutions. With these extraordinarily capable partners, our initial focus will be on efforts to combat ransomware and developing a planning framework to coordinate incidents affecting cloud service providers.”
The official CISA announcement listed four main goals for the new initiative:
- To “design and implement comprehensive, whole-of-nation cyber defense plans to address risks and facilitate coordinated action.”
- To “share insight to shape joint understanding of challenges and opportunities for cyber defense.”
- To “implement coordinated defensive cyber operations to prevent and reduce impacts of cyber intrusions.”
- To “support joint exercises to improve cyber defense operations.”
The announcement follows a number of high-profile cyber-attacks against US companies such as the attack on the Colonial Pipeline Company this year and on Microsoft, SolarWinds and VMware in 2020. Just in July of this year, the Center for Strategic & International Studies identified 14 significant “cyber incidents” which included Chinese and Iranian attacks on the United States.
The initiative includes major private industry partners such as “Amazon Web Services, AT&T, CrowdStrike, FireEye Mandiant, Google Cloud, Lumen, Microsoft, Palo Alto Networks, and Verizon”. As the program expands, CISA hopes to work closely with an even wider range of companies from various industries.