2023 JCDC Planning Agenda

The JCDC logo depicted on a tablet with a calendar is shown here.

The Joint Cyber Defense Collaborative (JCDC) is proud to announce its 2023 Planning Agenda—a major milestone in the collaborative’s continued evolution and maturation. Economic prosperity, national defense, and public health and safety depend on interconnected digital technologies. Widespread security flaws and configuration missteps in these technologies create opportunities for malicious actors to steal information, destroy valuable data, and cut off access to critical goods and services. JCDC’s planning agenda addresses these important and complex security challenges.

Charged with staying ahead of and confronting cyber risk and cyber threats to the nation’s critical infrastructure, CISA brought together experts across government and the private sector to develop a collaborative cyber planning agenda. No single entity has the complete knowledge, capabilities, and legal authorities to defend the entire digital ecosystem against advanced persistent threat (APT) actors. By combining the capabilities of key industry partners with the unique insights of government agencies, JCDC can create common, shoulder-to-shoulder approaches to confront malicious actors and significant cyber risks.

The agenda’s priorities represent proactive planning and persistent collaboration, which means having the right groups ready to engage in real-time collaboration in a rapidly changing risk environment. JCDC’s new multidirectional real-time information sharing initiative—which is built on trust and a willingness to work together—is a fundamentally different collaboration model that will enable us to accomplish the agenda priorities.

In 2023, JCDC will work on joint cyber defense plans focused on three areas: systemic risk, collective cyber response, and high-risk communities. We will also maintain flexibility to undertake urgent planning efforts as the risk environment changes, recognizing that agility is foundational to our shared success.  


(1) Systemic risk: Malicious actors know how to work smarter, not harder, by targeting single points of failure in critical infrastructure. Targeting of software, hardware, and services that are widely used across sectors or compromises of lifeline functions like electrical and water that underpin virtually every organization could result in cascading impacts and severe impacts to our national critical functions. 

The 2023 Planning Agenda includes efforts to address the following risk topic areas: 

  • Open-Source Software: Understand and mitigate risks potentially posed by open source software (OSS) used in industrial control systems. 
  • Remote Monitoring and Management Vendors, Managed Service Providers, and Managed Security Service Providers: Advance cybersecurity and reduce supply chain risk for small and medium critical infrastructure entities through collaboration with remote monitoring and management (RMM), managed service providers (MSPs), and managed security service providers (MSSPs).
  • Energy: Deepen operational collaboration and integration with the Energy Sector, in partnership with the Department of Energy.
  • Water: Identify approach to enhance security and resilience of edge devices for the water sector. 

(2) Collective cyber response: As a nation, we must anticipate that malicious cyber actors will at times circumvent our combined defenses. At the same time, the American people rightly expect the U.S. government to plan for a coordinated public-private response to minimize impacts and quickly recover. 

The 2023 Planning Agenda identifies an effort to: 

  • Update the National Cyber Incident Response Plan (NCIRP): Over the past several years, government and the private sector have significantly advanced our processes and approaches for incident response, but our plans and doctrine have not kept up. JCDC will lead an effort to update the National Cyber Incident Response Plan, in close coordination with interagency partners. The update will include incorporate changes and lessons learned since the release of the 2016 NCIRP, articulating specific roles for non-federal entities in organizing and executing national incident response activities. 

(3) High-risk communities: Malicious cyber actors do not only target critical infrastructure or businesses; to the contrary, we know that adversaries—seeking to undermine American values and interests—routinely target high-risk communities, such as civil society organizations that support journalists and cybersecurity researchers. 

The 2023 Planning Agenda outlines an effort to: 

  • Strengthen protection of civil society organizations who are at higher risk of being targeted by foreign state actors through collaborative planning with key government and industry stakeholders.