The US Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its Cybersecurity Strategic Plan for the next three years, focusing on three main goals and several objectives.
The Cybersecurity Strategic Plan for fiscal years 2024-2026 outlines the agency’s plans for achieving a future where damaging cyberattacks are rare, organizations are resilient, and technology is secure by design.
One of CISA’s three main goals is ‘addressing immediate cyber threats’ by making it more difficult for threat actors to achieve their goals by targeting the networks of the US and its allies.
The objectives for this goal include increasing visibility into threats and campaigns and increasing the ability to mitigate them, addressing critical and exploitable vulnerabilities, and conducting exercises and joint defense operations to ensure an effective response to urgent threats.
Another major objective is ‘hardening the terrain’ by adopting strong security and resilience practices to reduce the likelihood of damaging attacks.
Objectives include understanding how attacks occur and how they can be stopped, driving the implementation of measurably effective investments, and providing modern cybersecurity capabilities and services and measuring their effectiveness.
The final goal is ‘driving security at scale’ by prioritizing security as a fundamental safety issue.
This involves technology providers building security into their products and shipping them with secure defaults. Other objectives include reducing cybersecurity risks posed by new technologies, and contributing to efforts to build a national cyber workforce.
“Cybersecurity is a shared journey and a shared challenge that the entire nation must address together,” CISA said. “As America’s Cyber Defense Agency, CISA serves a foundational role in the global cybersecurity community, but true and lasting security in cyberspace can only be achieved collaboratively. Government at all levels, industry, technology providers, the global community of cyber defenders, individual citizens, and others must all work together to achieve a secure cyber future.”
Related: CISA Instructs Federal Agencies to Secure Internet-Exposed Devices
Related: CISA Introduces Secure-by-design and Secure-by-default Development Principles
Related: CISA Gets Proactive With New Pre-Ransomware Alerts
Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
- Cisco to Acquire Splunk for $28 Billion
- Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade
- Omron Patches PLC, Engineering Software Flaws Discovered During ICS Malware Analysis
- Intel Launches New Attestation Service as Part of Trust Authority Portfolio
- Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems
Latest News
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
- New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware
