A group of private sector organizations and cyber advocacy groups have called for increased public-private collaboration to improve the United States' cybersecurity readiness.
In August 2021, the Cybersecurity and Infrastructure Security Agency (CISA) founded the Joint Cyber Defense Collaborative (JCDC), an initiative geared towards facilitating public-private sector partnerships.
Six cybersecurity organizations — Business Executives for National Security; the Coalition for Midmarket Cyber Excellence; Cyber Threat Alliance; Cyberspace Solarium Commission 2.0; Institute for Security and Technology; and the Multilateral Cyber Action Committee — delved into the effects of the JCDC on national cybersecurity, finding that effective engagement requires private and public sector collaboration and leadership to address issues such as the SolarWinds supply chain attack, Log4j vulnerabilities, ransomware attacks, and threats from Russian and other malicious nation-state actors.
The organizations put forth cybersecurity recommendations for national security.
- Increasing collective understanding of cyber threats: To increase cybersecurity awareness, it is critical to identify, provide, assess, establish and deploy the tools, technology, incentives, business processes and legal frameworks required to create a shared understanding of cyber threats across our digital ecosystem, including the public, private and nonprofit sectors.
- Enhancing contingency planning: Understanding the JCDC has initiated efforts to work with the private sector in anticipation of cyber contingencies such as those resulting from the Russian invasion of Ukraine, the organizations recommend that this effort seek to identify the top five cyber contingencies that pose national security risk and develop proactive response plans.
- Improving the legal framework: Working with lawmakers on protected, preemptive legislation that carefully balances regulatory compliance with industry-recognized recognized standards and positive incentives can help increase U.S. security and resilience commensurate with today’s threat levels.
- Building teamwork: Long-term exchange programs between government and private sector technical personnel in cybersecurity roles can help facilitate cybersecurity collaboration.