Discussions of CISA’s part in elections and the JCDC.

Yesterday morning, the Center for Strategic and International Studies (CSIS) held a fireside chat with Cybersecurity and Infrastructure Security Agency (CISA) Director, Jen Easterly, and CSIS Senior Adviser Suzanne Spaulding.

CISA and elections.

Easterly discussed how CISA is the Sector Risk Management Agency for multiple sectors including election infrastructure, and notes how it’s local and state officials in charge of elections, not the federal government. “We ensure that they have the tools, the resources, the capabilities, and the information to be able to run safe and secure and resilient elections. And as you very well know, over the past several years we have been working hand in hand across the federal government with those election officials, with the vendor community. And I am very confident that we have done everything we can to make election infrastructure as secure and as resilient as possible. And we’ve been very clear that there is no information, credible or specific, about efforts to disrupt or compromise that election infrastructure.”

The Joint Cyber Defense Collaborative.

The session also discussed the Joint Cyber Defense Collaborative, a group established by CISA to bring together cyber defense from organizations worldwide. “I love the fact that the JCDC early on allowed us to create a platform, a platform to bring together our federal partners – so FBI, NSA, CYBERCOM, Defense, Justice, ODNI, Secret Service, the National Cyber Directorate – on one platform to work with the private sector and the first thing that we did, which then paid a lot of dividends with both Log4Shell, if you’ll remember the very serious open source vulnerability and then, of course, Shields Up, was we developed what we call the Alliance, which are the 20, 25-ish biggest technology companies in the world – the ISPs, the CSPs, the backbone infrastructure, the cybersecurity vendors,” Easterly said. “And so we built this Slack channel. We brought in all the agencies. We have technology partners, separate ones for finance and energy because of the concerns around potential Russian attacks or retaliation. And it has really, I think, been a game changer in terms of developing trusted, collaborative, real-time, responsive, transparent partnerships with the private sector.”