Enable breadcrumbs token at /includes/pageheader.html.twig

Introducing the Joint Cyber Defense Collaborative

The Department of Homeland Security’s CISA forms new cyber defense organization.

U.S. Cyber Command cyber warriors and a French cyber professional collaborate during a July 21 training exercise, Cyber Fort III, at Fort George G. Meade, Maryland. The Command, along with federal agencies such as the FBI, NSA, DOD and the Department of Justice, will be collaborating with the new Joint Cyber Defense Collaborative to broaden U.S. cyber defenses. Credit: U.S. Cyber Command/Josef Cole

As the United States is more and more under siege against nefarious cyber attacks, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA, has been working to educate, advise and partner to protect the nation. In its latest move, CISA has created the Joint Cyber Defense Collaborative to bring defensive cyber capabilities together across the federal government, local and state entities and the private sector, according to an August 5 statement from CISA.

“[It is] a new agency effort to lead the development of cyber defense operations plans, and to execute those plans in coordination with partners from the federal interagency, private sector and state, local, tribal, territorial (SLTT) government stakeholders to drive down risk before an incident and to unify defensive actions should an incident occur,” CISA specified.

Known as the JCDC, the new agency will create and implement “comprehensive, whole-of-nation cyber defense plans to address risks and facilitate coordinated action” as well as share knowledge to assist in the collective understanding of the challenges and opportunities in cyber defense. The JCDC also will implement coordinated defensive cyber operations to prevent and reduce impacts of cyber intrusions and support joint exercises to improve defensive operations.

“The JCDC presents an exciting and important opportunity for this agency and our partners – the creation of a unique planning capability to be proactive vice reactive in our collective approach to dealing with the most serious cyber threats to our nation,” said CISA Director, Lt. Col. (Ret.) Jen Easterly, USA. “The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions and the imagination to spark new solutions. With these extraordinarily capable partners, our initial focus will be on efforts to combat ransomware and developing a planning framework to coordinate incidents affecting cloud service providers.”

The idea for the new organization stems from leaders on Capitol Hill and recommendations of the Cyberspace Solarium Commission, Easterly noted.

“The JCDC emerged out of the imagination of the truly superb Cyberspace Solarium Commission chaired by Senator Angus King and Congressman Mike Gallagher, and the tremendous leadership of the Senate and House Homeland Security Committees, in particular Congressman Jim Langevin, who championed the effort to establish an entity that would bring together cyber defense planning capabilities currently spread out across multiple federal agencies, many state and local governments, and countless private sector entities,” she said during in a speech at an August 5 Blackhat conference. “Through this new collaboration center, we will coordinate national cyber defense planning and operations by partnering with our interagency, SLTT and private sector stakeholders,” added Easterly.

For assistance in cyber defense practices from industry, JCDC will turn to initial partners, including: Amazon Web Services, AT&T, Crowdstrike, FireEye Mandiant, Google Cloud, Lumen, Microsoft, Palo Alto Networks and Verizon. The new agency plans to add more private sector participants, CISA indicated. These companies have agreed to partner with the new organization, Easterly stated, and they will first aid efforts to combat ransomware as well as help develop a planning framework to coordinate incidents affecting cloud providers.

“This is only the beginning, as the JCDC will strive to include private sector and SLTT partners from across sectors as our focus areas expand,” a CISA spokesperson stated.

Easterly added, “If you’re interested in being a partner in the JCDC, please reach out to us – we’d love to join forces with you.”

Former executive assistant director of the FBI’s Criminal, Cyber, Response and Services Branch, Shawn Henry, now president of CrowdStrike's Services Division and their chief security officer, ventured that the establishment of the JCDC creates an inclusive, collaborative environment to develop proactive cyber defense strategies. The new organization will also harness “the ability to implement coordinated operations to prevent and respond to cyberattacks,” he said. “Continued collaboration between industry and government is critical to thwart today’s sophisticated attacks, and CISA’s initiative to bring the most relevant stakeholders together to defend national security is admirable. CrowdStrike is looking forward to partnering on this critical endeavor.”

As for federal partners, the JCDC will work with many of the organizations with which CISA already closely collaborates, including: the Federal Bureau of Investigation, the Department of Justice, the Department of Defense, U.S. Cyber Command, the National Security Agency and the Office of the Director of National Intelligence. The new organization will also collaborate with so-called sector risk management agencies, including the Departments of Agriculture, Energy, Transportation, Treasury, Health and Human Services; the Environmental Protection Agency; the Transportation Security Agency; the Food and Drug Administration; and the Government Services Administration.

“In recent months, various major cyber incidents have had an impact on our critical infrastructure community and caused downstream consequences to Americans that rely on it for everyday functions,” CISA stated. “The federal government, SLTT governments and the private sector work tirelessly to strengthen our defensive posture, but none of us can do it alone. As a community, the JCDC will deploy innovation, collaboration and imagination to protect American businesses, government agencies and our people against cyber intrusions.”

The move to stand up the JCDC follows CISA's creation last week of the Vulnerability Disclosure Policy Platform meant to be the primary collection point for vulnerability information.