One Year Later, the JCDC is Making a Difference in Cybersecurity

For years, Silicon Valley and Washington D.C. seemed to inhabit separate universes when it came to issues involving security and privacy, making it difficult for both sides of the coast to agree on sound policies, much less effectively work together.

Controversies such as showdowns over encryption, national standards for data privacy protection or breach prevention, or the surveillance disclosures by former NSA contractor Edward Snowden, demonstrated sharp divergence of opinions on these and other important issues.  Policy differences also challenged closer public/private collaboration. All the while, cybercriminal gangs and threat actors allied with unfriendly nation-states were stepping up their attacks in scope and sophistication.  

The Era of Better Collaboration

Over the last few years, the level and quality of that collaboration has improved.  Certainly, enactment of information sharing legislation, long a point of contention with industry and government, has helped, as well as an agreement in Congress on incident reporting. Similarly, the work of the Cyberspace Solarium Commission helped bring industry and government together on a longer-term strategy to secure cyberspace. 

Critical to this overall improvement has been stand-out leadership within the U.S. government during this time, and the Biden Administration has taken that leadership to the next level last year with the appointment of Jen Easterly to lead the Cybersecurity and Infrastructure Security Agency (CISA). In addition to bringing substantial cyber experience in the military and civilian branches of government, as well as the private sector, Jen has in just one year at the helm of CISA transformed how traditional public-private partnerships worked.

A Call to Action

At last year’s annual Black Hat conference in Las Vegas, Jen set the partnership on a new course when she appealed to the security industry to work with the federal government to proactively combat the escalating wave of cyberattacks.  "Partner with us,” she said, “to raise the cybersecurity baseline of our data, of our networks, of our services, of our networks, and help us make the Internet a safer place."

She backed up this call to action with actions of her own, starting with the creation of the Joint Cyber Defense Collaborative, or JCDC, which has already proven to be different from previous public-private partnerships. Like prior ventures, the JCDC would bring together federal agencies and leading security players in the private sector. Broadcom Software was asked to join this newly created collaborative, and we looked forward to bringing our deep knowledge and resources to this cybersecurity initiative.

Yet, what is significant about the JCDC’s collective and coordinated defense against cybercrime can’t be overstated. For the first time, public and private entities were going to have a centralized way to undertake joint cyber planning to better defend against cyberattacks that threaten critical infrastructure or national interests. It’s an idea whose time has come – especially given the relentless surge of crippling high-profile attacks aimed at business and government.

High Marks for Year 1

In the year since the creation of the JCDC, I’ve seen palpable progress with federal agencies and the private sector now more able to do the necessary planning and preparation needed to strengthen the nation’s cyberdefenses.

Security companies have a seat at the table, but there’s so much more on the menu. We’re not only sharing – and receiving – important security information, but we’re also sharing ideas about policy and taking more proactive steps to better defend against threats.

What’s more, unlike previous attempts at public-private partnerships around security, this one doesn’t feel like a one-way street. With the JCDC, the government brought private sector organizations into the fold to collaborate proactively on problems instead of telling them how things ought to proceed.

It is Working 

As a result, the information sharing pipeline is working.

For example, earlier this year our Symantec Threat Hunter team, uncovered the existence of Daxin, a piece of malware used as part of an espionage campaign against certain governments and other critical infrastructure targets. Our researchers found that while certain foreign government networks were targeted, they were not our customers, and we had no way to notify them of the potential harm to their systems or their sensitive information. But through the JCDC and the federal agencies that comprise it, together we were able to bring our threat intelligence to the right contacts in the targeted governments and assist in the detection and remediation of their infected computers. That kind of outreach wouldn’t have been possible if we were doing this by ourselves.

The cadence of collaboration is getting better and faster all the time. We now have ways to share information instantaneously and with all the members of the JCDC rather than have it bottled up in silos. 

Clearly, while it’s too soon to declare victory, we can proclaim progress. In just one year, Director Easterly has taken the critical steps necessary to help government, security companies and critical infrastructure stakeholders gain a more collaborative footing, see a more complete picture into the overall threat landscape, and plan a more effective response. I look forward to seeing even more progress in the years ahead.