CISA unveils roadmap: Joint Cyber Defense on the rise in 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has announced its priorities for the Joint Cyber Defense Collaborative (JCDC) in 2024. The JCDC aims to improve cyber defense by aligning the strategic direction and resources of government and private organizations. The three broad priorities for 2024 are defending against advanced persistent threat (APT) operations, raising baseline protections for critical infrastructure, and anticipating emerging technology and risks. The release of the priorities comes amid criticism of the JCDC, with concerns raised about its effectiveness due to a lack of technical expertise and too many lawyers. Recent reports suggest that security researchers are becoming less active, partly due to backlash from conservatives over election disinformation efforts. The JCDC has also faced criticism for being a “cool-club for vendors” rather than delivering value to industry. Other recent concerns include warnings from the federal government about Chinese intrusions into critical infrastructure and the need for CISA to be faster at sharing information and more aggressive in mitigating threats. The prioritization of APT defense will involve updating the National Cyber Incident Response Plan and working to defend against state-sponsored hacking, particularly from China. CISA also plans to help secure sensitive networks used by state and local election officials and make measurable progress in reducing ransomware attacks and the risk posed by AI to critical infrastructure.