CISA’s Joint Cyber Defense Collaborative to tackle energy, water security in 2023

The Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) will be focusing this year on beefing up security in the energy sector and leading the effort to update the National Cyber Incident Response Plan, according to the body's planning agenda.

Announced in 2021, the JCDC is an initiative spearheaded by CISA Director Jen Easterly that features collaboration between U.S. government officials and several major tech companies, including CrowdStrike, Palo Alto, FireEye, Amazon Web Services, Google, Microsoft, AT&T, Verizon and Lumen.

The group initiated efforts to address the Log4Shell vulnerability and to prepare for the cybersecurity ramifications of Russia’s invasion of Ukraine. 

On Thursday, CISA Executive Assistant Director for Cybersecurity Eric Goldstein released JCDC’s yearly agenda, explaining that this is the first time the government and private sector will “develop and execute cyber defense plans that achieve specific risk reduction goals and enable more focused collaboration.”

The efforts will focus broadly on three topics: systemic risk, collective cyber response, and high-risk communities, according to Goldstein.

The document highlights longstanding efforts to reduce risks posed by vulnerabilities in open source software used by industrial control systems and supply chain attacks.

Goldstein said the JCDC wants to collaborate more with remote monitoring and management companies, managed service providers, and managed security service providers to better protect small and medium-sized critical infrastructure entities.

He added that the JCDC wants to deepen its work with the energy sector in collaboration with the Department of Energy and provide better protection to edge devices used within the water sector, like meters and testing tools.

There have been multiple recent attacks on energy infrastructure, including the ransomware attack on Colonial Pipeline, the cyberattack on a Florida water treatment plant in 2021 and another attack on a Kansas utility.

Several other attacks on U.S. energy infrastructure have been uncovered by the federal government in recent years.

“Over the past several years, government and the private sector have significantly advanced our processes and approaches for incident response, but our plans and doctrine have not kept up,” Goldstein said.

“JCDC will lead an effort to update the National Cyber Incident Response Plan, in close coordination with the Federal Bureau of Investigation and other partners, which will include articulating specific roles for non-federal entities in organizing and executing national incident response activities.”

The JCDC also plans to work with non-government organizations, government, and industry stakeholders to develop a cyber defense plan for civil society organizations “who are at high risk of being targeted by foreign state actors.”

Plans for work on open source security and cybersecurity support for small and midsize critical infrastructure belonging to state, local, tribal, and territorial entities will be unveiled in the coming weeks, while the rest will roll out over the next few months.

“This level of proactive planning is new; we’ll learn as we go, and we’ll be transparent about our successes and our continued areas of growth, informed as always by the input and feedback from each of our partners in this critical work,” he said.

“We will also maintain flexibility to undertake urgent planning efforts as the risk environment changes, recognizing that agility is foundational to our shared success.”

The JCDC has been lauded for its work in bringing together the most important players in the cybersecurity space and has been considered the lynchpin of Easterly’s tenure as director of CISA. The organization was pivotal in disseminating information last year as businesses and organizations dealt with the Log4j issue that affected thousands of companies. 

The JCDC was also responsible for an election security toolkit released last August that provided free resources for vendors and state and local government officials ahead of the midterm elections.