CISA to partner with Amazon, Google, Microsoft, Verizon, AT&T and more for cyberdefense initiative

CISA director Jen Easterly said the initiative was being created now so they can "plan for how we're going to respond in wartime."

CISA director Jen Easterly announced a new cyberdefense collaborative that will see government bodies partner with Google, Microsoft, Verizon and more on protective cybersecurity measures.

Easterly unveiled the initiative in an interview with the Wall Street Journal before speaking about it further at the Black Hat convention on Thursday. 

The newly-appointed head of CISA told the newspaper that the Joint Cyber Defense Collaborative (JCDC) will "uniquely bring people together in peacetime, so that we can plan for how we're going to respond in wartime."

Easterly explained on Twitter that the JCDC will "share insight to shape our understanding of cyber defense challenges and opportunities, design whole-of-nation cyber defense plans to address risks, support joint exercises to improve cyber defense operations and implement coordinated defensive cyber operations."

On its website, the JCDC described its mission as leading "the development of the Nation's cyber defense plans" as it seeks to "prevent and reduce the impacts of cyber intrusions."

They explain that the $740 billion National Defense Authorization Act (NDAA) of 2021 passed on January 1 gave them "new authority" to bring together both public and private institutions to coordinate responses to cyberattacks. 

Representatives from DHS, the Justice Department, United States Cyber Command, NSA, FBI as well as the Office of the Director of National Intelligence will be involved in the initiative.

Private sector companies involved in the effort include Google, Verizon, Microsoft, AT&T, Amazon Web Services, FireEye, Lumen, Crowdstrike and Palo Alto. 

Google Cloud CISO Phil Venables told ZDNet it is essential that the public and private sectors work together to defend against evolving threats and shore up modern IT capabilities that will protect federal, state and local governments. 

"We look forward to working with CISA under the Joint Cyber Defense Collaborative and offering our security resources to build a stronger and more resilient cyber defense posture," Venables said. 

Shawn Henry, president of CrowdStrike Services and CSO, added that the JCDC will "create an inclusive, collaborative environment to develop proactive cyber defense strategies."

"Continued collaboration between industry and government is critical to thwart today's sophisticated attacks, and CISA's initiative to bring the most relevant stakeholders together to defend national security is admirable. CrowdStrike is looking forward to partnering on this critical endeavor," Henry said. 

img-6908.png

An image of the partnership shared by CISA director Jen Easterly

Jen Easterly/Twitter

"The JCDC leads the development of the Nation's cyber defense plans by working across the public and private sectors to unify deliberate and crisis action planning, while coordinating the integrated execution of these plans," the collective explained.

"The plans will promote national resilience by coordinating actions to identify, protect against, detect, and respond to malicious cyber activity targeting U.S. critical infrastructure or national interests."

JCDC will also coordinate with state level officials and other owners and operators of critical information systems. They added that "comprehensive, whole-of-nation planning" will be needed to address the wave of cybersecurity incidents facing organizations. 

In addition to defensive measures, the JCDC said it would also plan for "adaptive" cyber defense to deal with "adversary activity conducted in response to US offensive cyber operations."

The JCDC is one of many actions being taken by the Biden Administration to address ransomware attacks and many other headline-grabbing attacks in recent months. 

In addition to the new mandatory guidelines facing critical infrastructure owners, the JCDC will coordinate with them to "support the development of long-term plans to manage cyber risk and increase resilience of critical infrastructure."

During her speech at Black Hat, Easterly thanked US Senator Angus King, Congressman Mike Gallagher and the other leaders of Congress' Cyberspace Solarium Commission for their help in setting up the JCDC. 

Easterly was confirmed by Congress on July 12 following a decorated career in the military. She spent more than 20 years working on the US Army's intelligence and cyber operations and is credited with helping design and create United States Cyber Command.