Security agency

Cybersecurity and Infrastructure Security Agency (CISA) Releases Three-Year Strategic Plan to Lead U.S. Cyber ​​Defense

CISA will focus on how to reduce risk, build cyber resilience and ensure the agency can execute its strategic plan as “One CISA”.

Credit: Pixabay

The United States Cybersecurity and Infrastructure Security Agency (CISA) is charting the way forward with the release of its 2023-2025 Strategic Plan.

It is the first comprehensive strategic plan since CISA was established in 2018. The plan will focus and guide the agency’s efforts over the next three years, CISA said in a prepared statement.

Assist with mission-critical national security

In its mission as the United States’ cyber defense agency and national coordinator for critical infrastructure security, CISA works daily with critical infrastructure partners to address the changing threat landscape. This approach, says CISA, is reflected in the strategic plan – focused on reducing risk and building resilience to cyber and physical threats to the nation’s infrastructure.

The plan builds on the foundation created by CISA’s Strategic Intent, released in August 2019, to guide the agency’s work and create unity of effort. In addition to the plan, CISA said it was “developing internal performance and efficiency measures to better track progress toward reducing risk and achieving its goals.”

CISA Strategic Plan: 4 Ambitious Goals

The plan outlines “four aspirational goals,” three of which focus on how the agency will work to reduce risk and build cyber resilience. The fourth objective focuses internally to ensure the agency is in a strong position to execute the plan – “to work as one CISA”.

The plan highlights these four key areas:

  1. CISA will spearhead the national effort to ensure the defense and resilience of cyberspace.Defend against cyber threats that target US critical infrastructure; federal, state and local governments; the private sector; and the American people. CISA must work towards collaborative and proactive risk reduction. Together with its partners, CISA is responsible for helping to mitigate the most significant cyber risks to the nation’s critical national functions, both when those risks emerge and before a major incident occurs.
  2. CISA will reduce risk and build resilience for US critical infrastructure.CISA coordinates a national effort to secure and protect against critical infrastructure risks. This effort is centered on identifying the systems and assets that are truly critical to the nation, as well as understanding their vulnerability and taking steps to manage and reduce the risks to which they are exposed. The agency serves as a key partner to critical infrastructure owners and operators nationwide to help them reduce risk and build security capacity to withstand new threats and disruptions.
  3. CISA will strengthen national operational collaboration and information sharing.At the heart of CISA’s mission is partnership and collaboration. CISA believes that securing the country’s IT and physical infrastructure is a shared responsibility. In response, CISA is challenging traditional ways of doing business and actively working with our government, industry, academic and international partners to evolve towards more forward-looking and action-oriented collaboration. CISA is also committed to growing and strengthening the agency’s regional presence to more effectively deliver the assistance our stakeholders need.
  4. Fundamental to its success, the agency will unify as “One CISA” through integrated functions.CISA says it will succeed “because of our people”. The agency is building a culture of excellence based on core values ​​and fundamental principles that value teamwork and collaboration, innovation and inclusion, ownership and empowerment, and transparency and trust. As a unified team behind its common mission, CISA will “work smart” to operate efficiently and profitably.

Go home