Last week Cybersecurity and Infrastructure Director Jen Easterly announced the launch of a new cyber defense center, the Joint Cyber Defense Collaborative (JCDC). The new center – jokingly referred to as JC/DC, in a nod to the famous band and with a logo to match — will foster collaboration to prevent cyberattacks. Easterly was confirmed by the Senate last month to lead the Department of Homeland Security’s cyber defense and although the new center’s nickname is light-hearted, the mission of JCDC is completely serious.
JCDC’s goals are to collect and share cybersecurity intel quickly, securely, and effectively to stop cyberattacks in progress, anticipate new attacks, and thwart those with malicious intent. “The information we share has to be timely and relevant to help network defenders make a decision,” she said at the announcement of JCDC last week at Black Hat USA 2021.
Ambitious Public-Private Partnership to Fight Cybercrime
Several companies have already signed on to help build the JCDC, according to CyberScoop: Amazon Web Services, AT&T, Crowdstrike, FireEye Mandiant, Google Cloud, Lumen, Microsoft, Palo Alto Networks and Verizon. Representatives from across government will be involved, too. Among those already committed: Department of Justice (DOJ), United States Cyber Command (USCYBERCOM), the Federal Bureau of Investigation (FBI), Office of the Director of National Intelligence (ODNI), the National Security Agency (NSA), as well as state, local, tribal, and territorial governments.
Sector-specific agencies, such as the Department of Energy, Department of Transportation, the Environmental Protection Agency, and the Food and Drug Administration are expected to join as the JCDC is stood up.
Notably missing from the private sector are Apple and Facebook, reports Security Week.
Back in Black (Hat)
The first goal of JCDC, according to ThreatPost, is building a framework to address the ongoing scourge of ransomware affecting critical U.S. cyber-infrastructure. This year has seen examples of the private sector aiding federal response to cyberattacks: SolarWinds, Kaseya, PrintNightmare and ProxyLogon. Easterly called out a few in particular in her keynote, reports DARKReading. Ransomware is often central to supply chain attacks that disrupt and damage, often with cascading, negative effects.
Ransomware is especially tricky to contain because there are so many potential entry points into a network, whether through classic channels like phishing emails or through emerging routes, such as operation tech networks.
Another priority is cloud security. Cloud service providers are juicy targets, and defending them is key to defending our nation on the cyber front.
Easterly also took the opportunity to stress the need to fill the 3.5 million empty cybersecurity positions globally, and 500,000+ across U.S. government and industry. A nation’s defense is only as strong as the talent it can leverage in a highly digitized world. Easterly called for “a highly ambitious national effort” to build this workforce. (And yes, we here at NetCentrics are hiring.)
We applaud the creation of JCDC. Timely, situational awareness of cyber threats and activity across all sectors of the United States is a necessary pursuit. In the words of AC/DC: for those about to rock, we salute you.