In February, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced its 2024 priorities for the Joint Cyber Defense Collaborative (JCDC). This group, composed of government and industry entities, was formed in 2021 and is tasked with gathering, analyzing, and sharing actionable cyber risk information to unify cyber defenders worldwide.
What are the priorities, and how should they inform your company’s cybersecurity strategy?
The JCDC’s priorities fall into three areas, all focused on protecting critical infrastructure such as emergency services, communications, food and agriculture, healthcare, transportation, and government facilities.
Priority 1: Defend against advanced persistent threats
The collaborative’s first priority is to discover and defend against advanced persistent threat (APT) operations. This refers to attacks on the United States and its allies by malicious cyber actors, particularly those associated with the People’s Republic of China.
According to the JCDC, the threats are no longer limited to espionage and data theft but have expanded to include destructive attacks intended to cause real-world harm to critical infrastructure that Americans depend on. The collaborative pledges to work with organizations that provide critical infrastructure to prepare for and respond to malicious abuse on their networks.
As part of this priority, the JCDC plans to prepare for major cyber incidents impacting infrastructure by updating the National Cyber Incident Response Plan (NCIRP) by the end of 2024. This plan is intended to coordinate a national approach across public and private sectors to handling significant cyber incidents.
What does this mean for you? To adopt this priority and increase your company’s protection against cyber threats, look to external threat intelligence service providers. Having the right intelligence lets you know what to defend against: the tactics, techniques, and procedures used by APT actors. This allows you to build robust threat detection mechanisms, such as firewalls, into your security posture and to strengthen and practice your incident response capabilities.
Priority 2: Raise the cybersecurity baseline
According to the JCDC, too many intrusions could have been prevented by basic cybersecurity practices. The organization aims to raise the baseline of cybersecurity for critical infrastructure entities, as well as improve the security of the technology ecosystem overall.
One key focus, particularly for an election year, is on election security. The group will provide information and tools to state and local election officials on how to secure their networks and infrastructure in order to strengthen their defenses against cyberthreats.
At the same time, the JCDC aims to decrease the impact of ransomware and data extortion. The JCDC’s focus is on critical infrastructure, but ransomware campaigns threaten organizations of all sizes, in all industries. The group plans to leverage its resources to defend against and disrupt ransomware campaigns.
That effort involves supporting technology that is Secure by Design, a fundamental shift in how technology is developed, built, and maintained. The organization pledges to drive measurable commitments across the technology ecosystem, reducing “defective” technology products and making strong security settings the norm.
How do you raise your cybersecurity baseline? Be aware that, while you might not be directly involved in an election, your company could still be vulnerable to attacks that use disinformation associated with it. To defend against ransomware, invest in cybersecurity fundamentals while deploying threat and anomaly detection tools. When purchasing technology, require a high level of security compliance, and conduct regular cybersecurity audits.
Priority 3: Anticipate emerging technology and risks
While new technology can help close off avenues of attack, it can also introduce new cybersecurity risks. The JCDC aims to protect critical infrastructure from the known and suspected risks of artificial intelligence (AI) in accordance with CISA’s Roadmap for Artificial Intelligence.
The roadmap, released in November 2023, focuses on the responsible and secure design and use of AI, protection of critical infrastructure from AI abuse, national and international coordination and communication on AI efforts, and building AI expertise within CISA.
How should your company respond to AI in cybersecurity? Immediately put policies in place around employee use of AI and data security. Stay up to date on government actions on AI to know where current and future legislation is headed. And stay informed about how AI is changing the threat landscape, how cybercriminals are using AI, and how AI is being used to improve security.
By adopting JCDC’s priorities, you can improve the protection of your company’s critical infrastructure in 2024.
Note: This was originally published at Journey Notes.