🧵On the demise of public-private partnership & the rise of operational collaboration: In Dec 20, a significant cyber-espionage campaign was discovered by @FireEye, illuminating the reality that in our highly-digitized world, tech companies are often first to see an attack.1/
🛡Based on this recognition & new authority from Congress, in Aug 21, we launched the Joint Cyber Defense Collaborative to enable collective cyber defense of the nation. JC⚡️DC has now grown to 20+ of the biggest tech cos w/unique visibility into the critical infra ecosystem.2/
🛡Along w/these industry partners, @CISAgov & our fed teammates--including @NSACyber, #FBI, @SecretService & @US_CYBERCOM--are transforming hackneyed “PPP” into operational collaboration & info-sharing into info-enabling through real-time exchange of actionable insights & data.4/
🛡JC⚡️DC is very new, but we’re learning every day. From log4j to the 🇺🇦 crisis, we’re planning together & collaborating together to better understand the cyber threat environment. Our collective goal: See the dots, Connect the dots, & Drive down risk to the nation at scale.5/
🛡In light of ongoing cyber threats associated with the 🇺🇦 crisis, we’ve recently expanded our operational collaboration channels through JC⚡️DC to include systemically critical financial institutions & energy companies & look forward to welcoming more orgs in coming months.6/
🛡️JC⚡️DC is also a catalyst for joint innovation: working together, we developed the first-ever public/private cyber defense operations plan; launched a list of pro-bono cyber services & tools; & shortened our time from raw info to public alerts. And we’re just getting started.7/
🛡JC⚡️DC represents a paradigm shift from being reactive to being proactive & reflects the fact that no one entity—public or private—can secure cyberspace; that we must work together to strengthen our mutual resilience & our ability to address immediate & impending cyber risks.8/
🛡Finally, because resources do matter, we were thrilled that Congress gave us an additional $16m above the FY22 PB for JC⚡️DC, one positive sign that the model is beginning to work.
With humility & excitement, we say: For Those About to Block, We Salute You! ROCK ON!🎸
• • •
Missing some Tweet in this thread? You can try to
force a refresh
Thrilled to see that the cyber incident reporting legislation has passed! This bill is a game-changer & a critical step forward for our Nation's cybersecurity. As the nation's cyber defense agency, it will help @CISAgov better protect our networks & critical infrastructure.
@CISAgov will use this info to render assistance to victims suffering attacks, analyze reporting to spot trends across sectors, & quickly share information with network defenders to warn potential victims & help prevent further attacks.
We look forward to working collaboratively w/our industry & fed partners to leverage this historic legislation to enhance the security & resilience of our nation’s critical infrastructure. We made it easy to report a cyber incident 24/7: report@cisa.gov or call @ (888) 282-0870.
🛡️A cyber🧵While there are currently no specific or credible cyber threats to the US homeland as a result of the unprovoked Russian invasion of Ukraine, @CISAgov strongly urges continued vigilance by all orgs – large & small. See cisa.gov/shields-up for info & updates 1/
Just because we have not seen threats to date doesn’t mean we will not see them manifest quickly. Risks may emerge rapidly from a) unintended impacts of cyber attacks within & beyond Ukraine by both state & non-state actors; 2/
b) opportunistic targeting of US-based critical infrastructure by criminal ransomware gangs; or c) deliberate targeting by Russian state-sponsored malicious cyber actors in retaliation for actions taken by the US & our Allies to impose costs on Russia. 3/