A key advisory panel to leadership of the Cybersecurity and Infrastructure Security Agency (CISA) voted on Wednesday to approve three recommendations to CISA Director Jen Easterly that aim to improve the operations of the Joint Cyber Defense Collaborative (JCDC).
The recommendations involve JCDC’s focus on operational collaboration, achieving greater clarity on JCDC membership, and creating a “smart rolodex” of JCDC partners.
The creation of the JCDC was authorized by Congress in 2021. CISA bills the collaborative as a way to “unify cyber defenders from organizations worldwide,” and with a mission to proactively gather, analyze, and share “actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense, and response.”
During a public meeting at the U.S Military Academy at West Point, N.Y., on June 5, CISA’s Cybersecurity Advisory Committee discussed and approved the recommendations contained in a draft report to Easterly.
The committee’s public discussions offered mostly favorable views of JCDC activities to date, but offered up three “end-state” recommendations for the CISA director to consider.
The first of those recommendations focuses on continuing “to amplify JCDC’s focus on operational cyber defense.”
“Today, JCDC has representation from the cybersecurity community at both technical/operational and public policy levels,” the draft report says. “On a technical/operational level, JCDC has delivered substantial value in key international events like the Russia-Ukraine conflict and the Log4j vulnerability and should build on these successes. JCDC should continue and deepen its focus on operational collaboration and serve as a resource for those organizations involved in public policy.”
In defining an “ideal end state,” the report says, “if this is successful, JCDC’s day-to-day activities will center around operational collaboration, active incidents, or potential incidents. While JCDC and its members may be consulted on policy-centric questions, daily activities will not revolve around policy.”
The second recommendation says CISA should “clarify key operational components of JCDC– specifically, criteria for membership and participation in physical collaboration spaces.”
“Clarity and transparency around membership requirements and joining process would help to deepen JCDC’s impact and value,” the draft report says. “JCDC should include elements of the federal agencies that engage in collaboration with the private sector to foster deeper coordination within the federal government. Further, there would be benefit in formalizing the structure and on-going participation requirements for physical collaboration spaces.”
“By bringing together the right entities for in-person collaboration, JCDC can deepen trust amongst participants and streamline the bi-directional sharing of actionable intelligence that is key for operational response,” the draft report says, adding, “JCDC, in conjunction with key stakeholders, needs to develop clear criteria for participation in information sharing activities within 60 days.”
To reach an ideal end state on that front, “JCDC’s purpose, what it does, and the criteria for membership will be clear to not only current participants in JCDC – but also to others interested in potentially becoming a member,” the draft report says. “Further, the criteria to remain a member and continue to participate in the various information sharing mechanisms within JCDC will also be clarified.”
The final recommendation in the draft report says JCDC should leverage its convening power to “build out Coordinating Structures such as a proactive ‘Smart Rolodex’ of public and private partners.”
“A smart rolodex is a roster of the public and private sector members and their core competencies designed to make identifying potential partners simpler,” the report says, adding that “CISA should connect these partners both proactively and reactively to improve the nation’s collective defense capabilities.”
“To develop and test these Coordinating Structures, JCDC should identify an issue to exercise on a periodic basis not less than semi-annually,” the draft report recommends. “Following the exercise, JCDC can mitigate risks and identify areas of improvement.”
An ideal end state on that recommendation, the draft report says, will leave JCDC with “a clear process for continuing to identify the appropriate partners for given situations and requests. Further, JCDC will have an enhanced ability to respond to active issues while proactively preparing for future issues.”
“I am excited about the recommendations discussed today and look forward to reviewing them,” Easterly said. “I know they are thoughtful and innovative ideas that align with CISA’s priorities and mission as the previous recommendations have been.”
