CISA director announces 'Joint Cyber Defense Collaborative'

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, announced a new joint effort Thursday between public and private sector entities to lead development of the U.S.'s cyber defense plans.

Easterly announced the partnership, named the Joint Cyber Defense Collaborative (JCDC), at a Black Hat 2021 keynote that kicked off the final day of the event. The JCDC's goals, as laid out on the website for the Cybersecurity and Infrastructure Security Agency (CISA), are to create comprehensive nationwide cyber plans, effectively implement these plans, coordinate actions across federal agencies, and facilitate both collaboration and information sharing among its members.

Within the government, the JCDC "will be composed of representatives from across the federal government," the website says, including the Department of Homeland Security, DOJ, FBI, the Office of the Director of National Intelligence and the United States Cyber Command. It will also work with non-federal governments and municipalities inside the U.S. as well as ISAOs, critical infrastructure operators and other private entities on a voluntary basis.

Easterly announced the collaborative with a hard rock video that listed a number of early private-sector partners including Microsoft, Google, AWS, FireEye, AT&T, Verizon, CrowdStrike, Palo Alto Networks and Lumen. The first two focus areas for the initiative will be combatting ransomware and developing a planning framework for responding to cyber incidents against cloud providers.

The CISA director explained during the Black Hat session that the idea for the JCDC came from the Cyberspace Solarium Commission, a bipartisan group established in 2018 to develop strategies to protect the United States against significant cyberattacks. The goal, she said, was to "really mature" the country's cyber planning capabilities.

"We can come together and develop real plans to enable us to defend the nation in cyber," she said at Black Hat.

Easterly is the second director of CISA, following the firing of Chris Krebs by former President Trump late last year. She was confirmed by the U.S. Senate on July 12.

SearchSecurity asked FireEye about when the vendor joined the JCDC and what they've been doing since joining. Though the company declined to respond directly, a spokesperson shared the following statement from Ron Bushar, Mandiant senior vice president and CTO of government solutions (Mandiant is a subsidiary of FireEye, though the two are planning to split).

"Mandiant is proud to be a founding alliance partner of CISA's Joint Cyber Defense Center initiative and its mission to unify public and private entities in defending the nation against cyberattacks," Bushar said. "Mandiant continues to be a key partner to U.S. government and its efforts to protect critical national infrastructure. We are excited to begin working with CISA and the other JCDC members on coordinated national cyber defense plans and capacity building efforts. This collaborative approach is a critical component to the future of our national cyber resiliency and defense."

The email address to learn more or apply to the JCDC can be found on CISA's fact sheet for the collaborative.

Alexander Culafi is a writer, journalist and podcaster based in Boston.