The Cybersecurity and Infrastructure Security Agency (CISA), the top U.S. cyber defense agency, is contemplating a major transformation of its flagship public-private partnership. This initiative, known as the Joint Cyber Defense Collaborative (JCDC), has encountered difficulties due to ambiguous membership rules and participation barriers, according to experts. Recommendations for restructuring the JCDC were discussed and approved by CISA’s Cybersecurity Advisory Committee, urging a deeper focus on operational collaboration and clearer criteria for membership and participation.
Established in 2021, the JCDC was designed to foster best practices development across industries and serve as a resource for organizations involved in public policy. Despite achieving significant milestones, a draft report acknowledges that the collaborative is still in its early stages nearly three years later. CISA Director Jen Easterly expressed anticipation for reviewing the thoughtful recommendations aligning with CISA’s mission and priorities.
CISA has faced challenges in defining JCDC membership criteria and the significance of being a JCDC partner, leading to a slow start, according to experts. However, the collaborative has made strides, with over 300 partner organizations across 12 critical infrastructure sectors and the development of security guidance for various industries. Recommendations include publicly defining membership criteria and issuing regular reports on JCDC activities to enhance transparency and collaboration.
Moving forward, the Cybersecurity Advisory Committee emphasized the importance of clarifying membership criteria and enhancing the JCDC’s ability to respond to active cyber threats while preparing for future challenges. The JCDC’s evolution aims to address mission uncertainty and bolster collaboration efforts to strengthen the nation’s cybersecurity posture.
