CISA expands its cyber defense division to include control systems expertise

The Cybersecurity and Infrastructure Security Agency (CISA) announced on Wednesday that it is expanding the agency’s Joint Cyber Defense Collaborative to include industrial control systems (ICS) experts.

Those experts will include security vendors, integrators and distributors who will guide the government in investing more in the systems that control critical infrastructure.

The agency named several private businesses that will initially be joining the expansion. The companies include Dragos, Siemens, Honeywell and Bechtel, among others. 

Speaking at a conference in Miami, CISA Director Jen Easterly said that the expansion will ensure security and resilience of the control systems needed to operate critical infrastructure.

“Cyber threats to the systems that control and operate the critical infrastructure we rely on every day are among our greatest challenges,” Easterly said, speaking to ICS experts.

“As the destruction or corruption of these control systems could cause grave harm, ensuring their security and resilience must be a collective effort that taps into the innovation, expertise, and ingenuity of the ICS community,” she added. 

The expansion comes amid heightened security and warnings from CISA and other government agencies urging companies in critical industries to shore up their defenses against Russian cyberattacks.

The agency launched the Joint Cyber Defense Collaborative (JCDC) in August 2021 in an effort to defend the U.S. against cyberattacks. Since then, CISA has partnered with the private sector to push forward that effort, which includes implementing nationwide cyber defense strategies, sharing information and mitigating the risks of cyberattacks.

“We are excited to be part of JCDC’s new industrial control systems (ICS) initiative to empower security teams with actionable knowledge and insights to detect and deter cyberattacks across their operational technology (OT) networks,” said Adam Meyers, senior vice president of intelligence at CrowdStrike, in a statement. 

“Through this new initiative, CrowdStrike and other partner companies will share critical threat intelligence to help break down silos across the public and private sectors, helping to ultimately secure these essential networks,” Meyers added. 

In an interview with CNBC, Easterly said that her agency is seeing “evolving intelligence” indicating that Russia is planning to launch cyberattacks against critical infrastructure, particularly in the energy and finance sectors.