CISA chief: Cyber defense program building trust between government, industry

SAN FRANCISCO — A months-old initiative by the Cybersecurity and Infrastructure Security Agency to revamp how the federal government works with the private sector to address digital threats has begun to foster a new level of faith between the two sides, the agency’s chief said Tuesday.

The Joint Cyber Defense Collaborative is “starting to build momentum, but most importantly, it's starting to build trust,” CISA Director Jen Easterly said during a panel discussion at the RSA conference.

“Trust is built through transparency, responsiveness, humility, gratitude, and everything that says, ‘We want to add value from a government perspective and you from a private sector want to add value, let's come together and do it collectively for the defense of the nation,’” she told the audience.

The public-private coordination hub, originally dubbed the Joint Cyber Planning Office, was one of the dozens of policy recommendations made by the congressionally-chartered Cyberspace Solarium Commission to improve the country’s digital posture. It was enshrined into law by the fiscal 2021 defense policy bill.

CISA formally launched the effort last August to overhaul how the government partners with private entities to respond to threats — especially during a digital crisis. 

The agency relied on the JCDC in its response to the Log4j vulnerability and Russia’s invasion of Ukraine. Those experiences prompted CISA in April to announce it would expand the threat information-sharing program to include more than a dozen companies and organizations that manufacture, support and deliver industrial control systems and operational technology.

The Homeland Security Department’s fiscal 2023 budget request asks for extra $14.7 million to scale up the JCDC’s work to ensure it can “meet the diverse needs and growing demand” of its industry partners.

In the wake of Moscow's unprovoked assault on Ukraine, the government and private entities have been “implementing what we call an ‘operational collaboration model’ where we're sharing information in near real time through a very exotic technical tool called Slack,” Easterly said, jokingly referring to the ubiquitous workplace messaging program.

She noted that in the run-up to the invasion, the agency opened a separate channel that included the Treasury and Energy departments, the Transportation Security Administration, as well as 22 of the country’s biggest banks and 38 of the largest energy companies because of potential digital “retaliation” from Russia over Washington’s support of Kyiv.

“We are building the model deliberately. But again, very mindful that to build that trust we have to do it by protecting people's privacy, protecting people's data, being transparent about it, being responsive and really adding value,” according to Easterly.