At a glance.
- What we know about the DoD’s National Defense Strategy.
- More on CISA’s SCuBA project.
- Joint Cyber Defense Collaborative forming under CISA leadership.
What we know about the DoD’s National Defense Strategy.
The US Department of Defense (DoD) submitted its National Defense Strategy (NDS) to Congress last month, and although the full document is classified, a two-page fact sheet has been released to the public. Experts from the Scowcroft Center for Strategy discussed some of the highlights with the Atlantic Council. The NDS references a need to increase resilience against “growing kinetic and non-kinetic threats to the United States’ homeland from our strategic competitors,” which include non-military threats like cybercrime, threats to critical infrastructure, and enemies carrying out mis-, dis-, and mal-information operations. As these threats target civilians directly and not the military, the DoD will need to overcome its history of underfunding in order to better support civilian security efforts. The NDS also highlights the need for the DoD to employ integrated deterrence policies to combat enemies leveraging advanced technologies like hypersonic weapons, missile defenses, and emerging cybertools. This will require coordination of deterrence efforts across agencies and allies. Furthermore, the fact sheet indicates that “campaigning” will be a necessary means of addressing the coercive actions of global competitors like China and Russia. “Gray zone” activities like cyberattacks and disinformation will need to be addressed not just defensively but also with offensive operations.
More on CISA’s SCuBA project.
As we noted yesterday, this week CISA issued two new guidance documents as part of its Secure Cloud Business Applications (SCuBA) project, aimed at improving the visibility, standards, and security practices for federal cloud services. SecurityWeek notes that CISA is seeking public comment on the documents by May 19. “We are requesting public comment on these two products to ensure our guidance enables the best flexibility to keep pace with evolving technologies and capabilities and protect the federal enterprise. Our intent is to properly address cybersecurity and visibility gaps within cloud-based business applications that have long hampered our collective ability to adequately understand and manage cyber risk across the Federal and IT enterprise,” CISA stated. The first guide, the SCuBA Technical Reference Architecture (TRA), is aimed at helping federal agencies adopt technology for cloud deployment, adaptable solutions, secure architecture, zero trust and agile development, while the second document, the Extensible Visibility Reference Framework (eVRF) guidebook, outlines a strategy that organizations can use to identify visibility data to mitigate threats, as well as to identify visibility gaps. Though SCuBA is specifically geared toward government agencies, CISA is recommending the guidance for all organizations that employ cloud services.
Joint Cyber Defense Collaborative forming under CISA leadership.
As the first anniversary of the Colonial Pipeline attacks approaches, and as the threat of Russian cyberattacks against infrastructure rises, the US Cybersecurity and Infrastructure Security Agency (CISA) has announced a new ICS (industrial control system) Joint Cyber Defense Collaborative (JCDC) that will have significant industry participation.
Yesterday CISA announced it will be expanding the JCDC, created in 2021 to “transform traditional public-private partnerships into real-time private-public operational collaboration.” The JCDC will now enlist ICS experts to help CISA bolster the cybersecurity and resilience of ICS and operational technology. Bechtel, Claroty, Dragos, GE, Honeywell, Nozomi Networks, Schneider Electric, Schweitzer Engineering Laboratories, Siemens, and Xylem are among the companies initially joining the JCDC-ICS effort. Speaking to ICS leaders at the S4x22 conference, CISA Director Jen Easterly stated, “Cyber threats to the systems that control and operate the critical infrastructure we rely on every day are among our greatest challenges. As the destruction or corruption of these control systems could cause grave harm, ensuring their security and resilience must be a collective effort that taps into the innovation, expertise, and ingenuity of the ICS community. I’m excited to leverage our evolving JCDC platform to enable us to plan, exercise, and collaborate with industry leaders to drive down risk to the systems and networks we depend on so greatly as a nation.”
Andrea Carcano, co-founder and CPO of Nozomi Networks, one of the companies that will be a founding partner of the JCDC, commented on the value he sees in the new body, whose formation closely follows that of the OT Cyber Coalition:
"From our perspective both are very positive indications that public/private cooperation is maturing in ways that will genuinely strengthen collective defenses for critical infrastructure. As a founding member of the OT Cyber Coalition, we’ve teamed with many of our long-time partners and several of our fiercest competitors to work collaboratively with government and industry leaders to develop strong, effective cybersecurity solutions and guidelines for the end user. Our shared goal is to advocate for vendor-neutral, interoperable, cybersecurity and information sharing solutions that fortify the security of our nation’s most critical infrastructure.
"Helping build the JCDC-ICS is an opportunity to roll up our sleeves and work even more closely with CISA in their efforts to strengthen cybersecurity performance goals across critical infrastructure sectors.
"The US Government has been addressing critical infrastructure - OT cybersecurity for years. What’s changing - and what we believe is having a positive impact on helping defenders gain the upper hand - is the progress that’s been made by Jen Easterly to establish CISA as the central point of collaboration and coordination across the infosec community. Effective public/private collaboration on a collective defense is also critical to speeding progress. The OT Cyber Coalition and the JCDC make it easier for critical infrastructure organizations to work closely with the vendor community and the government to collaborate on effective guidelines and solutions. Still, it could take a couple of years to see significant improvements in terms of meaningful improvements on our defenses. One sign of this progress will come in the form of new, open solutions for information sharing. That includes options that don’t compromise private data and make it possible for public and private sector organizations to collectively strengthen their defenses."
CrowdStrike's Adam Meyers, senior vice president of intelligence, also welcomed the JCDC's initiative, in which his company will be a major private sector participant:
“We are excited to be part of JCDC’s new industrial control systems (ICS) initiative to empower security teams with actionable knowledge and insights to detect and deter cyberattacks across their operational technology (OT) networks,” said Adam Meyers, senior vice president of intelligence at CrowdStrike. “The ICS supply chain has become an increasingly fertile ground for exploitation by today’s attackers. Too often, security teams have limited technologies to adequately detect adversaries in their OT networks and can miss attackers lurking within critical infrastructure systems, posing numerous risks and potentially impacting many. Through this new initiative, CrowdStrike and other partner companies will share critical threat intelligence to help break down silos across the public and private sectors, helping to ultimately secure these essential networks. We applaud CISA for taking the step to help facilitate this new initiative.”