On August 5^th, at the Black Hat USA conference, newly appointed director of the Cybersecurity and Infrastructure Security Agency (CISA), Jen Easterly, called for a partnership between the government and private sectors. Officially titled the Joint Cyber Defense Collaborative (JCDC) this initiative will see the security industry teaming up with the federal government to proactively address and defend against the growing number of cyber threats that have been made against US organizations and government agencies in the past year.

According to CISA’s website, the JCDC will be comprised of, “representatives from across the federal government—including the Department of Homeland Security (DHS), Department of Justice (DOJ), United States Cyber Command (USCYBERCOM), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Office of the Director of National Intelligence (ODNI). Furthermore, the JCDC will consult with voluntary partners, including state, local, tribal, and territorial (SLTT) governments, information sharing and analysis organizations and centers (ISAOs/ISACs), as well as owners and operators of critical information systems, and other private entities, as appropriate.”

The first members from the private sector include Amazon Web Services, AT&T, CrowdStrike, FireEye/Mandiant, Google Cloud, Lumen, Microsoft, Palo Alto Networks, and Verizon.

The JCDC fact sheet on CISA’s website states that the collaboration effort intends to:

• Identify unique public and private sector planning requirements and capabilities
• Implement effective mechanisms for coordination
• Establish a set of shared risk priorities to inform a joint planning agenda
• Develop coordinated cyber defense plans
• Support joint exercises and assessments to measure the effectiveness of cyber defense operations

During her keynote Easterly goes on to explain, “The JCDC presents an exciting and important opportunity for this agency and our partners – the creation of a unique planning capability to be proactive versus reactive in our collective approach to dealing with the most serious cyber threats to our nation."

CrowdStrike Services President Shawn Henry said in a statement, "Continued collaboration between industry and government is critical to thwart today's sophisticated attacks," adding, "CISA's initiative to bring the most relevant stakeholders together to defend national security is admirable."

The JCDC will provide a more cohesive link to how governments can better respond to critical infrastructure like local power co-ops and large-scale ransomware attacks that target multiple SMBs.

Featured image: Jen Easterly, CISA director. (c) Black Hat USA 2021