October 16, 2024 | Policy Brief

Public-Private Cyber Collaboration Needs Enhanced Real-Time Data Sharing

October 16, 2024 | Policy Brief

Public-Private Cyber Collaboration Needs Enhanced Real-Time Data Sharing

A House committee last month passed a bill to codify in law the Joint Cyber Defense Collaborative (JCDC), a Cybersecurity and Infrastructure Security Agency (CISA) collaboration initiative. If signed into law, the bill would ensure continued government commitment to working with private industry to strengthen national cybersecurity resilience.

Established three years ago, JCDC convenes federal agencies, the intelligence community, and private companies to solve current cybersecurity challenges. More than 300 organizations participate in JCDC efforts.

The new legislation, known as the Joint Cyber Defense Collaborative Act, requires CISA to develop a charter for JCDC to solidify its organizational structure and creates a 25-member advisory council of cybersecurity experts selected from current participants in JCDC to guide its strategic priorities. The bill would also establish performance metrics to evaluate JCDC’s effectiveness with the goal of refining and improving JCDC’s work as it expands to include additional private sector stakeholders.

To be sure, JCDC already has notable achievements. In one of its very first initiatives, JCDC swiftly coordinated efforts in December 2021 between federal and industry experts to mitigate a severe vulnerability in a widely used piece of software code known as Log4j. The incident was so dangerous because many software packages included the Log4j component, but customers were unaware of it. Accordingly, JCDC published a public repository identifying at-risk products and directing users to patches.

Beyond these types of mitigation efforts, JCDC has launched initiatives in specific critical infrastructure sectors — like its creation of a water and wastewater sector incident response guide. It has also tackled systemic cybersecurity risks, such as the problem of ransomware actors using a company’s own remote monitoring systems as access points to launch their attacks.

Despite these successes, participants in JCDC have expressed concern about the lack of timely and actionable sector-specific guidance. Even other federal agencies are calling for faster, more detailed communication. In June, the Government Accountability Office warned that the lack of clear policy guidance and over-classification of intelligence is delaying JCDC’s ability to disseminate information.

While the JCDC Act does not tackle this problem, CISA is aware of it and last summer began rolling out the Joint Collaborative Environment (JCE), a data platform to enable secure and real-time threat intelligence sharing between the government and industry. As originally envisioned by the Cyberspace Solarium Commission, the JCE aims to act as a data-sharing ecosystem for timely data exchange, reducing delays caused by a lack of standardized processes and over-classification of intelligence.

However, the current iteration of the JCE falls short of the commission’s vision, facing challenges in generating analytical insights and streamlining declassification processes for data sharing. The JCE’s limited resources and personnel further hinder achieving its full potential of integrating automated threat analysis.

The body that could address this problem is Congress, which could legislate requirements for the JCE in line with the Cyberspace Solarium Commission’s original conception, backed by sufficient funding and personnel. In this more robust version of the JCE, CISA, working closely with the National Security Agency, would integrate classified and unclassified data to provide members with complete and actionable intelligence for sector-specific needs.

By authorizing and appropriating funds for a more capable JCE, Congress can close JCDC’s operational gaps, improving the speed and accuracy of information sharing across the government and the private sector.

Jiwon Ma is a senior policy analyst at the Center on Cyber and Technology Innovation (CCTI) at the Foundation for Defense of Democracies (FDD), where Rohannah Shrestha is an intern. For more analysis from the authors and CCTI, please subscribe HERE. Follow Jiwon on X @jiwonma_92. Follow FDD on X @FDD and @FDD_CCTI. FDD is a Washington, DC-based, nonpartisan research institute focused on national security and foreign policy.

Issues:

Issues:

Cyber U.S. Defense Policy and Strategy

Topics:

Topics:

Cyberspace Solarium Commission United States Congress