Rep. Eric Swalwell, D-Calif., is planning to introduce legislation to clarify the role of the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) program and criteria for membership in the group.
“In the coming weeks I plan to introduce legislation to clarify the activities of the JCDC to improve on its successes and increase its impact,” said Rep. Swalwell during a March 23 House Homeland Security subcommittee hearing.
The JCDC is a private-public collaborative program created by CISA to bring together cyber experts and organizations to focus on threats and solutions. “This diverse team proactivcely gathers, analyzes, and shares actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense, and response,” the agency says.
During the March 23 hearing, witnesses discussed how the JCDC can cultivate better partnerships between the government and industry.
Drew Bagley, vice president and council for privacy and cyber policy at Crowdstrike recommended that the JCDC step up its response plans.
“As a community, you must focus more attention on national incident response capacity,” he said. “JCDC should continue developing community response plans, and systems should incorporate JCDC contributions and forthcoming revisions to the National Cyber Incident Response Plan,” he said.
Heather Hogsett, senior vice president of technology and risk management at the Bank Policy Institute, talked about what she said is a lack of proactive planning by the JCDC.
“CISA was charged with creating a joint cyber planning office to develop plans for cyber defense operations and coordinated actions that public and private sector entities could take to protect, mitigate and defend against malicious cyber-attacks,” she said. “We have not seen the JCDC engage in this type of proactive planning.”