CISA launches new initiative to combat ransomware

The Cybersecurity and Infrastructure Security Agency (CISA) has officially unveiled the Joint Cyber Defense Collaborative (JCDC), a new effort to combat ransomware attacks by expanding info sharing between the public and private sectors, with Amazon, Google and Microsoft all signing onto the initiative.

The JCDC was established to develop comprehensive cyber defense strategies while sharing insights between the federal government and its partners on cyber intrusions and defense operations, according to CISA Director Jen Easterly, who outlined the collaboration at Thursday's Black Hat cybersecurity conference.

The JCDC was created in response to recommendations from the Cyberspace Solarium Commission, which initially proposed "bringing together the public sector and private sector in a joint-planning capability to help us build plans against the most significant cyber threats to our nation," Easterly said.

"The JCDC presents an exciting and important opportunity for this agency and our partners – the creation of a unique planning capability to be proactive versus reactive in our collective approach to dealing with the most serious cyber threats to our nation," Easterly said. "The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country's national critical functions from cyber intrusions and the imagination to spark new solutions."

Officials from partner agencies will work within the JCDC office to spearhead U.S. cyber defense plans while outlining best practices to thwart cyber intrusions and reduce their impact, according to a CISA webpage about the new collaboration. The office will consult with and share information between state and local governments, operators of critical information systems, private industry partners and other entities.

A major goal for the JCDC is to coordinate public- and private-sector strategies to counter cyberattacks, especially ransomware, while establishing incident response frameworks.

The Department of Defense, the FBI, the National Security Agency and the U.S. Cyber Command are among the government partners. On the private-sector side, the effort launched with help from Amazon Web Services, Google Cloud, Microsoft, FireEye Mandiant, Lumen, Verizon, AT&T, Palo Alto Networks and CrowdStrike.

Shawn Henry, president of CrowdStrike Services, said in a statement the JCDC "will create an inclusive, collaborative environment to develop proactive cyber defense strategies" and help both sectors "implement coordinated operations to prevent and respond to cyberattacks."

"Continued collaboration between industry and government is critical to thwart today's sophisticated attacks," Henry said, adding: "CISA's initiative to bring the most relevant stakeholders together to defend national security is admirable."