The impact of cyberattacks on private companies, especially ransomware attacks, is no longer limited to the operations of a business. The consequences are now causing visible effects on the public and government as well. The federal government is attempting to unify all entities related to cybersecurity in combatting unchecked cyberattacks with the announcement of the Joint Cyber Defense Collaborative (JCDC). JCDC aims to bring various cybersecurity organizations together to combat cyber threats.
So far this year, ransomware attacks have led to long lines at gas stations, caused a shortage of meat products, especially hotdogs, and forced customers to choose select payment methods at a few supermarkets.
The last-mentioned attack caused quite a bit of stir. Even U.S. President Joe Biden, who was at Geneva, commented that the country would take necessary action to protect its infrastructure from cyberattacks.
“If we end up in a war, a real shooting war, with a major power, it’s going to be as a consequence of a cyber breach,” Biden said during this visit to the Office of the Director of National Intelligence (ODNI).
But where, when, and more importantly, how do we address these attacks?
The JCDC and Its Intent to Combat Cybersecurity
At Alliant Cybersecurity, we believe it is essential to see the challenge holistically and address it with a 360-degree approach. The culture and focus of all stakeholders – people, academia, large corporations (not just the tech companies), SMBs, and the government, should shift towards cybersecurity.
The Joint Cyber Defense Collaborative (JCDC), by the Cybersecurity & Infrastructure Security Agency (CISA), is a welcome first step. According to its website, “the JCDC will bring together public and private sector entities to unify deliberate and crisis action planning while coordinating the integrated execution of these plans. The plans will promote national resilience by coordinating actions to identify, protect against, detect, and respond to malicious cyber activity targeting U.S. critical infrastructure or national interests.”
Various tech giants who offer cloud storage services, cybersecurity tools, and other cybersecurity services have joined the JCDC as a first step. Their initial focus will be on combating ransomware attacks and developing a framework to coordinate a response plan for incidents that occur on cloud infrastructure. The organizations include –
Crowdstrike, Palo Alto Networks, FireEye, Amazon Web Services, Google, Microsoft, AT&T, Verizon, and Lumen.
Other than the private entities, reports suggest the JCDC aims to onboard the academic and research organizations. This addition forges a Public-Private-Academic partnership to approach cybersecurity strategically.
JCDC – Powered by Diversity to Combat Cybersecurity
The JCDC inherently is a diverse committee comprising of representatives from:
Department of Homeland Security (DHS), Department of Justice (DOJ), United States Cyber Command (USCYBERCOM), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Office of the Director of National Intelligence (ODNI).”
JCDC will involve consultants of various states and their government entities, information sharing and analysis organizations and centers (ISAOs/ISACs), and other private organizations depending on the initiatives.
Information sharing, collaborative intelligence, and expertise among these entities will be the key to improve cyber defense and spread awareness among various stakeholders. It will strengthen our security posture one entity at a time. Every employee must understand and follows cyber safety precautions. Initially, it is always recommended to hire a specialist team or Managed Security Service Provider (MSSP) to manage your security and educate your employees.
Cybersecurity is Everyone’s Responsibility
Like climate change and natural disasters, cyberattacks are a global threat. The entire connected world should join hands to combat it.
There must be a fundamental shift in the mindset of users because human errors cause 90% of cyberattacks. Defending an organization’s digital assets and cyberspace might be the job of a service provider, a few team members, or individuals, but staying safe is everyone’s responsibility.
Every individual must understand that cyberspace and its safety are in their hands.