NEW YORK, NY – June 7, 2022 A group of leading private sector organizations and cyber advocacy groups; Business Executives for National Security; the Coalition for Midmarket Cyber Excellence; Cyber Threat Alliance; Cyberspace Solarium Commission 2.0; Institute for Security and Technology; and the Multilateral Cyber Action Committee; are issuing a Joint Statement calling for increased public private collaboration to improve the nation’s cybersecurity readiness. Secretary Chertoff, Steering Committee Member of the Multilateral Cyber Action Committee (MCAC), the organization that led the coordination of this statement stated: “The MCAC is a global committee focused on improving cybersecurity for a secure and open internet and wants to pursue deep public private partnership. In the United States, we think the joint statement highlights the current successes of the Joint Cyber Defense Collaborative, as well as it’s need to continue to grow and evolve. We are committed to making that happen.”
The signatory organizations believe that the Biden administration has made progress in deepening partnership with the private sector to improve the security of the country’s critical infrastructure. Effective engagement requires private and public sector collaboration and leadership to address issues such as the Solar Winds supply chain attack, log4J vulnerabilities, ransomware attacks, and threats from Russian and other malicious nation-state actors. The signatories seek to build upon existing initiatives to deepen public-private partnership. Mark Montgomery, Executive Director of the Cyberspace Solarium Commission 2.0 stated “the Solarium Commission always posited that effective deterrence in cyberspace is a three-legged stool, relying on investments in defensive capabilities, investments in cost imposition capabilities, and the most challenging – building a public-private collaboration to defend our critical infrastructure. We are advocating to address this exact national security challenge with these five initiatives.”
The group of organizations are committed to enhancing public-private sector cooperation and actively seek to engage U.S. government partners with ideas and initiatives to strengthen national cyber resilience. They seek to assist the public and private sectors in increasing the impact of collaborative efforts like the Joint Cyber Defense Collaborative (JCDC), among others, through a combination of advocacy, capability building, and scaling. General Joseph L. Votel, USA (Ret.), President and CEO, Business Executives for National Security states “Never has collaboration between the private and public sectors been more critical to defending US interests in cyberspace. Only full integration of the best technologies, talent, and processes from business, government, and the military can successfully repel the constant assault from our adversaries.”
“The recommendations the MCAC are advocating are strongly aligned with the mission of The Coalition for Midmarket Cyber Excellence (CMCE). Midmarket companies struggling with cybersecurity are underrepresented in the government landscape and policy debates. Expanding on existing public-private collaboration is a strong step to help ensure the security of midmarket companies crucial to the nation’s critical infrastructure,’ Emily Coyle, Executive Director of the Coalition for Midmarket Cyber Excellence stated.
The organizations are calling for the promotion of the following:
Increasing the Reach and Impact of the Joint Cyber Defense Collaborative (JCDC): The JCDC has demonstrated value as a tool in protecting American and allied and partner critical networks during the Russian invasion of Ukraine. The supporting organizations will collaborate with JCDC and the Cybersecurity and Infrastructure Security Agency (CISA) leadership to help amplify the impact of the collaborative.
Increasing Collective Understanding of Cyber Threats: The organizations, working together, will support efforts to identify, provide, assess, establish, and deploy the tools, technology, incentives, business processes, and legal frameworks required to create a shared understanding of cyber threats across our digital ecosystem, including the public, private, and nonprofit sectors. This shared view would enable cyber defenders in all sectors to plan, exercise, and respond together at network speed.
Enhancing Contingency Planning: Understanding the JCDC has initiated efforts to work with the private sector in anticipation of cyber contingencies such as those resulting from the Russian invasion of Ukraine, they recommend that this effort seek to identify the top 5 cyber contingencies that pose national security risk and develop proactive response plans.
Improving the Legal Framework: The signatory organizations are committed to identifying and proposing improvements to laws and regulations that hamper effective cyber defense. They are committed to working with lawmakers on protected, preemptive legislation that carefully balances regulatory compliance with industry-recognized recognized standards and positive incentives to increase U.S. security and resilience commensurate with today’s threat levels.
Building Teamwork: The signatory organizations propose expanded opportunities for long-term exchange programs between government and private sector technical personnel in cybersecurity roles.