Inside Cybersecurity

July 2, 2022

Daily News

CISA industry partner sees joint defense hub as ‘natural extension’ of public-private collaboration efforts

By Sara Friedman / August 23, 2021

CISA’s Joint Cyber Defense Collaborative could significantly improve industry-government coordination efforts to prepare for cyber attacks, according to Ryan Gillis of Palo Alto Networks, which was recently named one of nine private-sector partners in the initiative.

“Joining the JCDC was a natural extension of our years of collaboration with CISA and our broader commitment to public-private partnership,” Gillis told Inside Cybersecurity. “Palo Alto Networks has partnered with CISA for years, and is committed to partnering with responsible governments around the globe. We provide these partners with innovative security technologies, lend our expertise on cybersecurity best practices and policies and bi-directionally share cyber threat intelligence.”

Cybersecurity and Infrastructure Security Agency Director Jen Easterly announced the launch of the JCDC on Aug. 5. The JCDC brings together industry and government partners who will work together to establish “cyber defense operations plans” with the intent of “driving down the risk” of incidents before they occur, Easterly said.

Ryan Gillis

Ryan Gillis, Vice President for Cybersecurity Strategy and Global Policy, Palo Alto Networks

Palo Alto Networks is one of nine industry partners that are part of the launch effort. The other companies are Amazon Web Services, AT&T, Crowdstrike, FireEye Mandiant, Google Cloud, Lumen, Microsoft and Verizon.

Government partners include the Defense and Justice departments, U.S. Cyber Command, the National Security Agency, the FBI and the Office of the Director of National Intelligence.

Gillis, Palo Alto Networks vice president for cybersecurity strategy and global policy, said the JCDC formalizes and builds upon his company’s “years of operational collaboration” providing “threat intelligence visibility and technologies to help the U.S. Government quantify and manage national risk.”

“The mix of inaugural industry partners -- representing the most important cloud infrastructure, telecommunications and cybersecurity companies -- shows that CISA, and its other U.S. Government collaborators are focused on making the JCDC a forum that is capable of not just sharing information but using that information to inform more coordinated, whole-of-nation action to proactively prevent and disrupt cyber adversaries,” Gillis said.

The JCDC’s initial work will focus on first two “cyber defense sprints” to create a “planning framework to respond to cyber incidents on cloud providers” and efforts to “combat ransomware,” Easterly said last week at a National Security Telecommunications Advisory Committee meeting.

Industry is largely supportive of the JCDC, while some policy experts have proposed ways CISA can extend its impact.

Scott Algeier, executive director of the Information Technology-Information Sharing and Analysis Center, said the JCDC’s success will depend on “how the capability is built.”

“If this is to be a collaborative, national effort, DHS should engage with established elements of the partnership model to build out the capability,” Algeier said in an email to Inside Cybersecurity. “At the moment, it seems that DHS is selecting specific companies to engage with. In addition to raising questions about why some companies were selected and others not, this is not a scalable model.”

Algeier said, “We encourage DHS to create a joint working group comprised of representatives from government, the National Council of ISACs, the Cross Sector Coordinating Council and other relevant stakeholders to build a capability that meets the needs of the broader community. There is a lot of operational, policy, and technical experience in these groups, in addition to historical knowledge. They were created to engage with DHS on such initiatives, and they should be equal partners with government in building out this capability.” -- Sara Friedman (