CISA's Easterly Unveils Joint Cyber Defense CollaborativeNewly Appointed Director Describes Effort to Build National Cybersecurity Defense Strategy
The U.S. Cybersecurity and Infrastructure Security Agency is creating the Joint Cyber Defense Collaborative to build a national cybersecurity defense strategy based on collaboration between the public and private sectors, CISA Director Jen Easterly said in a virtual presentation at the Black Hat 2021 conference Thursday.
Participants in the JCDC will include federal agencies, state and local officials, owners and operators of U.S. critical infrastructure, and academics and security researchers, she said.
See Also: Threat Briefing: Ransomware
Besides the JDCD announcement, Easterly, whom the Senate approved as CISA director last month, called for greater collaboration between security researchers and white hat hackers.
"We know that with great power comes great responsibility," Easterly said. "One of my big priorities as a director is to ensure that we are maximizing this power and that is to cultivate and strengthen the incredible partnerships that we have - in particular with industry, with academia, with researchers within the hacker community - and to ensure that we are leveraging the best and brightest of this community for the collective defense of the nation."
Easterly said the JCDC will perform several functions, including:
- Sharing insights about the current threat landscape to better understand and develop a comprehensive cyber defense plan, including ways to better protect critical infrastructure;
- Developing exercises involving the government and the private sector to test defense plans and ensure the resilience of systems, networks and infrastructure;
- Putting these defensive plans into operation to reduce risks to the nation's critical infrastructure and IT networks.
"To some extent, some of these activities are already going on across the federal government, but they're running largely in stovepipes. So the idea is that we bring together our partners in the government and our private sector partners to really mature this planning capability," Easterly said.
Besides CISA and its parent organization, the Department of Homeland Security, other federal government participants will include the U.S. National Security Agency, U.S. Cyber Command and the FBI. Easterly announced nine companies have signed up to participate,: CrowdStrike, Palo Alto Networks, FireEye, Amazon Web Services, Google, Microsoft, AT&T, Verizon and Lumen.
The JCDC will build on the relationships CISA has with Information Sharing and Analysis Centers, or ISACs, which represent various industries. The concept for the new initiative came from the Cyberspace Solarium Commission, which published its report in 2020 (see: Senate Approves Chris Inglis as National Cyber Director).
Tom Kellermann, the head of cybersecurity strategy for VMware and a member of the Cyber Investigations Advisory Board for the U.S. Secret Service, says the newly announced JCDC is a major milestone in beefing up U.S. cybersecurity.
"The collaborative will spearhead a long overdue effort to civilize American cyberspace," Kellermann says. "It will dramatically improve situational awareness to systemic cyber intrusions and enhance coordination to respond and eradicate the persistence of our Cold War adversaries."
Ransomware and Other Threats
Easterly, who succeeded Christopher Krebs as CISA director, is taking over the agency at a time when the federal government has been dealing with a series of cyberthreats. Those include nation-state attacks, such as the SolarWinds supply chain attack and Microsoft Exchange server vulnerability exploits, and also cybercriminals' ransomware campaigns (see: Anne Neuberger on Why No Sanctions Issued Against China Yet).
President Joe Biden recently signed an executive memorandum calling for uniform cybersecurity standards across industries that oversee critical infrastructure.
In her Black Hat conference presentation, Easterly said that the proliferation of ransomware attacks, especially those that target critical sectors, such as the healthcare industry, show why the new JCDC collaborative effort is essential.
"Our two initial focus areas - the first one will not surprise you - is our effort to combat ransomware. The second one is our effort to develop a planning framework to respond to cyber incidents on cloud providers," Easterly said.
CISA at Crossroads
The White House is seeking additional funding for cybersecurity to shore up cyber defenses (see: Biden Budget Seeks to Invest Billions in US Cybersecurity).
One of the reasons the Biden administration nominated Easterly for CISA director is her long experience in cybersecurity, which she described during her Black Hat keynote presentation.
Easterly retired as an Army intelligence officer in 2011 and was then named as deputy for counterterrorism at the NSA. She later served on President Obama's National Security Council staff. After leaving the government, Easterly worked as Morgan Stanley's head of firm resilience and oversaw the company's fusion resilience center.
While in the Army, Easterly worked with Gen. Keith Alexander, who was then director of the NSA, to help establish U.S. Cyber Command.
During a brief Q&A session, Easterly said that one of her main objectives as director is to build trust between CISA and the research and hacking communities.
She received applause for coming out in favor of strong encryption, despite other government agencies' objections (see: Analysis: Strong vs. Weak Encryption).
"We have to have strong encryption to be able to ensure the defense of our networks. It's foundational, as everybody in this audience knows," Easterly said. "I realize that there are other points of view across the government. … I think strong encryption is absolutely fundamental for us to be able to do what we need to do."