What is CISA’s New Joint Cyber Defense Collaborative?
The Cybersecurity and Infrastructure Security Agency (CISA) recently announced a new initiative that they hope will harness the ingenuity and innovation of the private sector to help the agency’s mission to protect America’s critical infrastructure from cyber threats.
The announcement was made by the agency’s new director, Jen Easterly, who was confirmed to the job in July, months after being initially nominated. Easterly is the agency’s first non-interim director since Christopher Krebs was fired by President Trump in 2020 in the wake of his statements regarding the security of the 2020 presidential election.
In what was really her first major appearance since taking the reins at CISA, Easterly, who sported a “Free Britney” t-shirt during her speech, introduced the new Joint Cyber Defense Collaborative at the Black Hat cybersecurity conference earlier this month. The CISA initiative will lean heavily on public sector, namely the mega-companies that are commonly referred to as “Big-Tech.” This new approach at CISA has the potential to shape the future of Public/Private cooperation in the cybersecurity space and will heavily involve companies including Google and Microsoft.
According to the CISA Website, “The Joint Cyber Defense Collaborative (JCDC) will lead the development of the Nation’s cyber defense plans, which outline activities to prevent and reduce the impacts of cyber intrusions,” and its mission statement states that JCDC will be “working across the public and private sectors to unify deliberate and crisis action planning, while coordinating the integrated execution of these plans.”
Among the key private sector partners involved, Microsoft, the author of the most commonly used anti-virus suites, Microsoft Defender Antivirus (formally Windows Defender), also previously created the elite Microsoft Detection and Response Team (DART). DART has extensive experience working with outside security groups globally and providing investigative services to both government and private entities, including some of the more commonly targeted businesses in the financial sector.
Another partner, Google Cloud Services, can boast of its Risk Assessment & Critical Asset Discovery Solutions which assists organizations globally in assessing IT risk while providing security and resilience recommendations. Google Cloud Services has also created Risk Manager that evaluates risk for customers and assists their customers in qualifying for cyber insurance.
Among the government entities that will be involved with JCDC are the Department of Homeland Security (DHS), the Department of Justice (DOJ), United States Cyber Command (USCYBERCOM), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Office of the Director of National Intelligence (ODNI). Additionally, the JCDC will seek to consult with other voluntary partners that include state and local level government entities, information sharing and analysis organizations and centers (ISAOs/ISACs).
Real-world experience from companies that stand at the cutting edge of technology like Google and Microsoft are bringing the Biden administration the exact kind of expertise needed in the face of growing cyber threats, especially after an extended period that sees the US far too often playing catch up against hackers.
With the continuing rise Ransomware as well as international state-sponsored Advanced Persistent Threats (APTs), CISA’s Easterly is making a strong first move towards better protecting America.
Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by websites including Newsmax, Townhall, American Thinker and BizPacReview.