Black Hat: New CISA Head Woos Crowd With Public-Private Task Force

Day two Black Hat keynote by CISA Director Jen Easterly includes launch of private-public partnership with Amazon, Google and Microsoft to fight cybercrime.

LAS VEGAS – Just weeks after the U.S. Senate confirmed Jen Easterly to lead the Cybersecurity and Infrastructure Security Agency (CISA), the new director spoke at Black Hat USA 2021 on Thursday, albeit virtually, announcing a major public-private partnership to fight cybercrime.

Called the Joint Cyber Defense Collaborative (JCDC), Easterly said 20 cybersecurity firms have already joined the effort. They include Amazon, AT&T, Google Cloud, Microsoft, Palo Alto Networks, Verizon, Crowdstrike and FireEye Mandiant.

She said ransomware will be the group’s initial focus, along with creating a framework to respond to incidents affecting critical U.S. cyber-infrastructure.

“The whole idea of JCDC is to bring together our partners to do four key things. First, to share insights so that we create a common operating picture, shared situational awareness of the threat environment so that we understand it better, and to develop national comprehensive cyber-defense plans to deal with the most significant threats to the nation threatening our critical infrastructure,” she said.

JCDC would also call on federal agencies that include Department of Defense and its cyber-command partners such as the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) to “make sure that we are aligning operations, talents and capabilities to support the nation’s cyber-defense activities,” she said.

Who is the New CISA Director?

Easterly is a former NSA deputy for counterterrorism and has a long history within the U.S. intelligence community. She served for more than 20 years in the Army, where she is credited for creating the armed service’s first cyber battalion. More recently she worked at Morgan Stanley as global head of the company’s cybersecurity division.

Easterly replaced CISA acting director Brandon Wales after the agency’s founder and former director Christopher Krebs was fired by former President Trump in 2020.

“I hope to build on Chris’s great work,” Easterly said. “Chris did a fantastic job. He founded the agency and he shepherded CISA through some turbulent times, with the [2020] elections and COVID.”

She likened her new position to that of a new CEO, fulfilling the spirit and mission of Krebs. “I’m going to be focused on how we put the right processes in place to be able to take CISA into our next five and 10 years,” she said.

For Those About to Hack, JC/DC is Gunning for You

Borrowing liberally from the design motif of the rock band AC/DC, Easterly debuted a tongue-in-cheek logo of JCDC (or JC/DC).

She said JCDC represents a move by CISA to up its ante in working with the private sector. Several examples already this year – SolarWinds, Kaseya, PrintNightmare and ProxyLogon – are examples of the private sector aiding the federal response and helping shape cybersecurity policy.

She singled out Victor Gevers, chair of the Dutch Institute for Vulnerability Disclosure, for helping the agency understand the chain of vulnerabilities that led to the exploitation of Kaseya. During the height of the SolarWinds attack, Easterly said, Trimarc founder Sean Metcalf was instrumental in helping CISA understand the byzantine nature of identity management. She also thanked Will Dormann, a vulnerability analyst, for helping government security researchers understand “the pathways of interconnectedness” associated with the PrintNightmare bug.

In CISA We Trust?

Perhaps Easterly’s biggest challenge in her new role will not be heaping praise on the cybersecurity community. Rather, it will be earnings its trust. During a question-and-answer session, the CISA director scored points with the audience by stating that she supported strong encryption.

“I realized that there are other points of view across the government, but I think strong encryption is absolutely fundamental for us to be able to do what we need to do,” she said.

Strong encryption is jargon for what some call “warrant-proof” encryption. Many in the law enforcement circles believe ironclad encryption helps criminals “go dark”, in that it shields their communications.

While acknowledging distrust within some segments of the cybersecurity community, Easterly urged the audience of security professionals to trust people first.

“We know some people never want to trust an organization,” she said. “In reality we trust people – you trust people. … When you work closely together with someone to solve problems, you can begin to create that trust.”

(Image of Jen Easterly, courtesy of Jen Easterly’s Twitter feed)


Threatpost Webinar Series Worried about where the next attack is coming from? We’ve got your back. REGISTER NOW for our upcoming live webinar, How to Think Like a Threat Actor, in partnership with Uptycs on Aug. 17 at 11 AM EST and find out precisely where attackers are targeting you and how to get there first. Join host Becky Bracken and Uptycs researchers Amit Malik and Ashwin Vamshi on Aug. 17 at 11AM EST for this LIVE discussion.

Suggested articles