Broadcom Software and the JCDC

Several months ago, I wrote a blog describing the Joint Cyber Defense Collaborative (JCDC), outlining why it is different than previous private-public partnerships, and has the potential to be transformative.  After several months of Broadcom Software’s participation in the JCDC as an Alliance Member, I can report back with confidence that the JCDC is working and making a difference.

As stated previously, the JCDC is a joint collaboration between federal agencies and the private sector led by the Cyber Security and Infrastructure Security Agency (CISA).  The purpose of the JCDC is to strengthen the nation’s cyber defenses through coordinated and collaborative planning, preparation, and information sharing.

Recently, our researchers in the Symantec Threat Hunter team, part of Broadcom Software, uncovered Daxin, the most sophisticated malware we’ve seen associated with a China-linked actor. Daxin is an espionage tool that allows the attacker to perform various communications and data-gathering operations on the infected computer without raising suspicions. Our researchers did some digging, and found that certain foreign government networks were targeted. However, these foreign governments were not our customers, and we had no way to notify them of the potential harm to their systems and their sensitive information.

Enter the JCDC. Through this collaborative, we shared our findings with CISA. As the JCDC is not just one agency, but comprised of several U.S. government agencies, CISA was able to leverage its connections to enable analysis and joint understanding across multiple partners. Leveraging JCDC’s significant international partnerships, CISA helped us connect with the right contacts in the targeted governments, and assisted in the detection and remediation of their infected computers.

We at Broadcom Software believe that actionable information sharing and collaboration are the core of CISA’s present and future success. We could not have provided the necessary information to the targeted foreign governments without the leadership of CISA and the structure of the JCDC, and CISA would not have known about the malware without our partnership. This is a fundamental case study of exactly what the JCDC was created to do: To leverage the insight and expertise of the private sector, partnered with the resources and capabilities of the public sector, to identify, protect against, detect, and respond to malicious cyber activity.  In the past, all too often the private sector has been the source of a one-way flow of information to the U.S. Government, with no collaboration, follow-up, or sense of any impact or result from information sharing.  That’s definitely not the case today with CISA and the JCDC, which together represent a true public-private partnership – and exemplifies the operational collaboration CISA talks about. This close partnership is allowing us to work together to better protect against threats to the cyber landscape.  Clayton Romans, Associate Director at CISA leading the JCDC, said our engagement on Daxin was a “JCDC success story--proof that the more we collaborate, the better we can provide for the collective defense of critical infrastructure, here and abroad.”

We completely agree, and look forward to continued collaboration with federal agencies and private sector partners through the JCDC to protect and defend our nation and its critical infrastructure. Please feel free to contact us to learn more about how Broadcom Software is partnering with the JCDC or how we can help you modernize, optimize and protect your business.