The US Cybersecurity and Infrastructure Security Agency (CISA) has released its 2024 Priorities for the Joint Cyber Defense Collaborative (JCDC) [1] [2] [3]. This collaborative effort between industry and government partners aims to address urgent cybersecurity risks and engage in joint planning [4].
Description
Established in 2021 [4], the JCDC’s 2024 priorities focus on defending against advanced persistent threats (APTs) [1] [3] [4], particularly those associated with the People’s Republic of China (PRC) [1], and disrupting US critical infrastructure [2]. The collaborative also aims to enhance the cybersecurity baseline of critical infrastructure entities and anticipate emerging technology risks.
The JCDC’s priorities include preparing for major cyber incidents, safeguarding election integrity [5], and mitigating the impact of ransomware attacks [5]. They also prioritize promoting Secure by Design principles and addressing threats related to artificial intelligence (AI). Specifically, the JCDC plans to leverage Secure by Design principles to defend against ransomware campaigns and assess the benefits and risks of AI on critical infrastructure [5]. Additionally, the collaborative will work with private sector partners and other agencies to detect and respond to malicious APT activity [2], such as living off the land techniques [2]. The JCDC will update the National Cyber Incident Response Plan to reflect changes in cyber operations and policy and maximize resources and partnerships to reduce the impact of ransomware and data extortion on critical infrastructure. The alliance emphasizes the importance of collaboration between government and private sector entities in tackling cybersecurity challenges [1]. Critical infrastructure organizations and entities with cybersecurity expertise are encouraged to participate in the JCDC.
Conclusion
The JCDC’s 2024 priorities have significant implications for cybersecurity. By focusing on defending against APTs [5], safeguarding election integrity [5], and mitigating ransomware attacks, the collaborative aims to strengthen the security of critical infrastructure. The promotion of Secure by Design principles and addressing AI-related threats further enhances cybersecurity measures. The JCDC’s collaboration with private sector partners and other agencies ensures a comprehensive approach to detecting and responding to malicious activity. The update of the National Cyber Incident Response Plan reflects the evolving nature of cyber operations and policy [2]. By maximizing resources and partnerships [2], the JCDC aims to reduce the impact of ransomware and data extortion on critical infrastructure [2]. The participation of critical infrastructure organizations and entities with cybersecurity expertise is crucial in achieving these goals.
References
[1] https://www.infosecurity-magazine.com/news/cisa-reveals-jcdc-2024/
[2] https://executivegov.com/2024/02/cisa-releases-2024-joint-cyber-defense-collaborative-strategy/
[3] https://www.meritalk.com/articles/cisa-2024-jcdc-priorities-feature-apts-ai-infrastructure-threats/
[4] https://www.cisa.gov/news-events/news/extending-breadth-and-depth-our-partnerships-jcdc-2024-priorities
[5] https://dig.watch/updates/cisa-publishes-2024-cyber-defence-priorities
