The Joint Cyber Defense Collaborative (JCDC) is an operational collaboration body established by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in August 2021. It was created under authority granted by Section 1715 of the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, which directed CISA to set up a joint cyber planning office to develop and coordinate plans for defending against significant cyber incidents.
JCDC brings together federal partners — including CISA, the FBI, NSA, U.S. Cyber Command, the Department of Defense, the Department of Justice, and the Office of the Director of National Intelligence — with private-sector cybersecurity firms, critical infrastructure owners and operators, and state and local governments. Initial industry partners announced in 2021 included Amazon Web Services, Microsoft, Google Cloud, AT&T, Verizon, CrowdStrike, FireEye (now Trellix/Mandiant), Lumen, and Palo Alto Networks, with the partner list expanding in subsequent years.
The collaborative's core functions include:
- Joint cyber planning for defending critical infrastructure against major threats
- Real-time operational information sharing on vulnerabilities, threat actors, and active incidents
- Coordinated response during significant cyber events
JCDC played a visible coordinating role during incidents and campaigns such as the Log4Shell vulnerability disclosure in December 2021, Russian state-aligned threat activity surrounding the 2022 invasion of Ukraine, and ransomware response efforts targeting U.S. critical infrastructure. CISA has also used JCDC channels to publish joint cybersecurity advisories with allied agencies.
Critics, including a 2024 report by the Cyberspace Solarium Commission 2.0, have argued that JCDC needs clearer mission scope, better resourcing, and tighter membership criteria to function effectively as a planning body rather than a broad information-sharing forum. For Model UN delegates and IR researchers, JCDC is a useful case study in public-private cybersecurity governance and in how states operationalize collective cyber defense short of formal alliance structures.
Example
In December 2021, JCDC coordinated information sharing among CISA, federal partners, and major cloud providers during the global response to the Log4Shell vulnerability in Apache Log4j.
Frequently asked questions
JCDC is led by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security.
Keep learning