Chuck Brooks, a highly esteemed leader to the cybersecurity and government contracting (GovCon) sectors as well as an influential member of Executive Mosaic’s GovCon Expert program, has released his latest article with the program.
Previously, GovCon Expert Chuck Brooks assessed the growing importance of chief data officers to the federal landscape. He explained how their roles continue to grow within the federal government and other companies in our sector.
For his latest piece, Brooks provided his commentary on the establishment of the “Joint Cyber Defense Collaborative (JCDC) and how the collaboration will establish a renewed sharing of threat information, address technology gaps, design scalable architectures and lead to better processes for cybersecurity measures between government and industry.
You can read Chuck Brooks’ latest GovCon Expert article below:
Welcoming the New Joint Cyber Defense Collaborative
By Chuck Brooks
Last week, DHS/CISA Director Jen Easterly announced the establishment of the “Joint Cyber Defense Collaborative (JCDC).” According to Director Easterly, the JCDC will:
- Share insight to shape our understanding of cyber defense challenges and opportunities
- Design whole-of-nation cyber defense plans to address risks
- Support joint exercises to improve cyber defense operations
- Implement coordinated defensive cyber operations
The JCDC is a welcome initiative for bolstering both government and industry cybersecurity capabilities. The new entity will focus on gaps in shared situation awareness and threat analysis, especially toward threat aimed and the U.S. critical infrastructure.
The list of initial private sector partners is impressive and includes Amazon Web Services, AT&T, CrowdStrike, Mandiant, Google Cloud, Microsoft, Lumen Technologies, Palo Alto Networks, and Verizon. Other cyber industry companies will also be joining the collaborative cybersecurity efforts in the future.
The Joint Cyber Defense Collaborative will also formally liaison and plan with representatives from other agencies, including the Department of Justice, United States Cyber Command, the National Security Agency, the Federal Bureau of Investigation, the Office of the Director of National Intelligence, and the Departments of Energy, Agriculture, and Treasury. The office will also consult with state & local governments.
The change in the cyber risk environment, which has grown exponentially as evidenced by state-sponsored and cyber-criminal breaches, has created a new urgency for a cybersecurity partnership between government and industry. The need to prioritize the public-private partnership (PPP) has been highlighted in recommendations by the Cyberspace Solarium Commission and legislation introduced in Congress. The JCDC itself was a direct result of the National Defense Authorization Act (NDAA) of 2021.
Public-private cooperation has been a focus of homeland security since the creation of the agency. Over the past decade, DHS along with The National Institute of Standards (NIST), have made a growing effort to bring the private sector together with the government, especially to develop information-sharing protocols. An underlying goal of cooperation with DHS/CISA and NIST was to help develop frameworks and best practices to better protect against targeted cyber intrusions.
Strategic collaboration between government and industry stakeholders is a proven model that makes good sense, but the required amount of focused funding, resources, and institutional leadership have been lacking until now. Direct Easterly noted in a speech at the Black Hat conference that “While some of this work is happening in pockets, most of it is reactive,”
Easterly told the conference. “The unique value adds of the JCDC is to create a proactive capability for government and private sector to work together closely before an incident occurs to strengthen the connective tissue and ensure a common understanding of the process.”
It is imperative to have an initiative-taking unified strategy to be able to address the growing sophistication of cyber-attacks and the JCDC will now operate as that vehicle. Under the JCDC government and the private sector will be able to better share threat information, evaluate technology gaps, and help design scalable architectures and policies that will lead to more efficiencies cybersecurity postures. Open collaboration, planning, and information-sharing among stakeholders can simplify operations and help reduce duplicative IT portfolios, administrative complexity, and technological redundancy.
The JCDC will focus early efforts at crafting strategies and responses to the scourge of ransomware targeting both industry and government, particularly aimed at critical infrastructures, such as financial systems, chemical plants, water, and electric utilities, hospitals, communication networks, commercial and critical manufacturing, pipelines, shipping, dams, bridges, highways, and buildings. In the U.S., most (85 percent) of the cybersecurity critical infrastructure is owned by the private sector and regulated by the public sector.
Other probable focus areas might include improving information sharing, protecting the supply chain, strategies for securing the Internet of Things (IoT), contending with the growing 5G wireless infrastructure, using artificial intelligence and machine learning for cybersecurity defenses, and expanding workforce training to mitigate the shortage of skilled cybersecurity workers.
Cybersecurity Research and development (R&D) will also be a beneficiary of the joint JCDC. A partnership involving information-sharing and risk-sharing between government and private stakeholders will exponentially benefit cybersecurity innovation. Combining private/public sector R&D funding and pipelines can also provide a sustainable, competitive bridge for the next generation of science and engineers to lead and achieve.
Government and industry will need to work closely together to cultivate the real potential for the New Joint Cyber Defense Collaborative. Currently, the number and sophistication of cybersecurity challenges may seem daunting, but the combined expertise and synthesis of public-private sector collaboration brings better preparedness, hope, and new potential solutions. The JCDC is a welcome addition to the homeland security portfolio.
About GovCon Expert Chuck Brooks
Chuck Brooks, president of Brooks Consulting International, is a globally recognized thought leader and subject matter expert in Cybersecurity and Emerging Technologies. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn.”
Chuck is on the faculty of Georgetown University where he teaches in the Graduate Applied Intelligence and Cybersecurity Risk Programs. In government, Chuck was a “plank holder” at The Department of Homeland Security (DHS) serving as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security.
He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill. He has an M.A from the University of Chicago and a B.A. from DePauw University
Chuck Brooks LinkedIn Profile: https://www.linkedin.com/in/chuckbrooks/
Chuck Brooks on Twitter: @ChuckDBrooks