Extending the Breadth and Depth of our Partnerships - JCDC 2024 Priorities 


By Clayton Romans, Associate Director

In 2021, we established the Joint Cyber Defense Collaborative (JCDC) to bring together industry and government partners with new and challenging goals: enable persistent, trusted partnerships that address the most urgent current risks, and drive long-term, proactive planning. This second goal was particularly unique; never before had the U.S. government sought to engage in joint planning with the private sector around shared cybersecurity challenges. We’ve learned a lot over the past few years as we successfully executed a series of cyber defense plans. These include securing open source software in operational technology and industrial control systems, addressing risks facing remote monitoring and management, and enhancing security and incident response for the water sector, as well as gleaning valuable lessons on how to make our planning efforts valuable for each of our partners.

Today, we’re glad to publish our 2024 Priorities. These priorities will further expand the breadth and depth of our partnership to tackle more challenging, forward-leaning cyber risks that could evolve in the future, not just the immediate risks. To be clear, JCDC in this context is not a specific team or organization; it represents the collective group of industry and government partners drawn together to drive positive change for our nation’s cybersecurity.

Our 2024 priorities are defined around three focus areas. The first focus area, Defend Against Advanced Persistent Threat (APT) Operations, aligns JCDC strategic and operational efforts to counter known and suspected APT campaigns that target critical infrastructure sectors with the potential to impact National Critical Functions. The second focus area, Raise the Baseline, encompasses JCDC efforts to improve the cybersecurity posture of critical infrastructure entities to reduce the frequency and impact of cyber incidents. The third focus area, Anticipate Emerging Technology and Risks, seeks to decrease the likelihood and impact of AI-related threats and vulnerabilities to critical infrastructure providers.

Six 2024 JCDC priorities, aligned with the three focus areas, call out specific topics for increased attention.  JCDC’s Priorities for 2024 are:

  • Discover and defend against malicious abuse by APT actors, particularly those backed by the PRC, on and against U.S.-based infrastructure. In 2023, we saw an increase in APT activity, particularly APT groups affiliated with the People’s Republic of China, directed towards the critical infrastructure on which Americans depend. In 2024, JCDC will work with interagency and private sector partners to strengthen the ability of critical infrastructure sector organizations to prepare for and respond to future malicious activity on their networks, including activity utilizing living off the land techniques.
  • Prepare for major cyber incidents. JCDC will work to elevate critical infrastructure's capacity for resiliency and capability for recovery in response to major cyber incidents. This includes supporting CISA’s work to update the National Cyber Incident Response Plan (NCIRP). As directed by the President’s 2023 National Cybersecurity Strategy, CISA, in close coordination with the Office of the National Cyber Director, is gathering input from public and private sector partners to identify key changes for incorporation into the updated NCIRP. Through JCDC, CISA is working to ensure this process addresses significant changes in policy and cyber operations since the NCIRP was released and plans to publish an updated NCIRP this year.
  • Help provide state and local election officials with information and tools to help secure their networks and infrastructure against cyber threats as part of CISA’s broader election security efforts. JCDC will support CISA’s effort to improve the security, visibility, and resiliency of the election security ecosystem by collaborating, planning, and sharing cyber threat information withJCDC industry partners, interagency partners, SLTT entities, and vendors across the elections community.
  • Measurably decrease the impact of ransomware on critical infrastructure. The impacts of ransomware and data extortion have proven challenging and costly for organizations of all sizes. JCDC will leverage its resources and engage with partners to prioritize operational activities that actively defend against and disrupt ransomware campaigns in collaboration with government and non-governmental entities. We will also collaborate with technology providers to leverage Secure by Design principles to scale protection.
  • Make measurable progress toward a world where technology is Secure by Design. Even as we urgently work to help organizations implement the most effective cybersecurity measures, we know that scalable change requires a fundamental shift in how technology is designed, built, and maintained. We will continue to drive measurable commitments across the technology ecosystem that reduce the number of defective technology products by design and ensure that strong default settings are the norm. In 2023, CISA announced our Secure by Design Alert series to identify recurring classes of defects that can be fixed through systemic changes. In 2024 we will continue to publish these alerts, including those developed in response to other priorities, such as discovering malicious abuse by APT actors. 
  • Decrease risk posed by AI to critical infrastructure. In alignment and coordination with CISA’s Roadmap for Artificial Intelligence, JCDC will support CISA and DHS-led efforts to decrease the likelihood and impact of AI-related threats and vulnerabilities to critical infrastructure providers.

I am incredibly proud of this collaborative team and what we have accomplished, overcoming many obstacles to meet the demands of the ever-evolving cyber threat landscape. Through JCDC, CISA looks forward to furthering this work with our partners across government and private sector to tackle some of the most significant cyber risks facing our country in 2024.

JCDC is a public-private cybersecurity collaborative that leverages new authorities granted by Congress in the 2021 National Defense Authorization Act to unite the global cyber community in the collective defense of cyberspace. CISA welcomes all critical infrastructure organizations and entities with cybersecurity expertise and visibility to participate in our collaboration efforts. For further information about JCDC, email