The CISA (Cybersecurity and Infrastructure Security Agency) has partnered with Amazon, Microsoft and Google to launch the Joint Cyber Defense Collaborative (JCDC).
The JCDC, a new agency, will initially focus on combating ransomware and cyberattacks on cloud-computing providers, said CISA Director Jen Easterly, according to The Wall Street Journal: “This will uniquely bring people together in peacetime, so that we can plan for how we’re going to respond in wartime.
JCDC: Technology and Government Agency Partnerships
Initial JCDC partners include Amazon Web Services, AT&T, CrowdStrike, FireEye Mandiant, Google Cloud, Lumen, Microsoft, Palo Alto Networks, and Verizon. The JCDC will strive to include private sector and SLTT (state, local, tribal, territorial) partners from across sectors, the organization says.
The JCDC's government partners include the Department of Defense, U.S. Cyber Command, the National Security Agency, the Department of Justice, the Federal Bureau of Investigation and the Office of the Director of National Intelligence. Also, Sector Risk Management Agencies will join the effort -- though an actual date for that move was not disclosed.
The CISA did not say if or when pure-play MSPs and MSSPs (managed security services providers) will join the JCDC. Still, early participation from FireEye Mandiant, Lumen and Verizon may signal an open door for MSSP participation.
The JCDC's key priorities include such goals as:
- Design and implement comprehensive, whole-of-nation cyber defense plans to address risks and facilitate coordinated action;
- Share insight to shape joint understanding of challenges and opportunities for cyber defense;
- Implement coordinated defensive cyber operations to prevent and reduce impacts of cyber intrusions; and
- Support joint exercises to improve cyber defense operations.
U.S. Federal Government Battles Ransomware Attacks
The JCDC launch is the latest in a growing list of federal government and Biden administration moves designed to mitigate the threat of ransomware attacks. Earlier moves included:
- July 2021: The U.S. government unveiled www.StopRansomware.gov, an online hub for companies and municipalities to find resources and get assistance if they are targeted by cyberattacks, Reuters noted.
- May 2021: President Biden’s executive order on cybersecurity mentioned IT service providers more than a dozen times.