CISA Issues Global Cyber Plan to Protect US Infrastructure
[Stay on top of transportation news: Get TTNews in your inbox.]
The Cybersecurity and Infrastructure Security Agency released its first international plan outlining steps to work more with overseas stakeholders to better safeguard online interconnections with the U.S. supply chain and critical infrastructure.
“In following this plan, CISA will improve coordination with our partners and strengthen international relationships to reduce risk to the globally interconnected and interdependent cyber and physical infrastructure that Americans rely on every day,” Director Jen Easterly said.
CISA, formed in 2018 under the U.S. Department of Homeland Security, is tasked with being America’s main cyber defense agency and the national coordinator for critical infrastructure security and resilience.
Its new “FY2025-2026 CISA International Strategic Plan,” released Oct. 29, was compiled with action items to better maintain cybersecurity since computer systems are interconnected between multiple parties and interspersed with a variety of software from different manufacturers.
Easterly
“Since the risks we face are complex, geographically dispersed and do not abide by borders, protecting and securing our cyber and physical infrastructure requires the concerted efforts of public and private partners around the globe,” CISA announced.
The agency intends to work with international partners to help improve U.S./foreign infrastructure resilience, strengthen interconnected defense mechanisms and better coordinate actions among partnering international stakeholders. The agency said it will also review its progress quarterly to track effectiveness.
RELATED: What Causes Supply Chain Disruptions?
“In coordination with the Department of State and relevant U.S. government partners, we will broaden our understanding of systemic risk by expanding our visibility into infrastructure and supply chain vulnerabilities for priority foreign critical infrastructure upon which the U.S. depends,” the report stated.
Our International Strategic Plan emphasizes the importance of partnerships and collaboration to secure our globally interconnected and interdependent critical infrastructure. https://t.co/rMB6Z7vv9n pic.twitter.com/vdAFTft65N — Cybersecurity and Infrastructure Security Agency (@CISAgov) October 29, 2024
Specific objectives of the plan include:
- increasing resilience of physical and cyber critical infrastructure in the U.S. and abroad to prevent cyber incidents
- improving risk management and incident responses both by sharing more bilateral/multilateral information as well as coordinating federal inter- and intra-agency efforts
- learning more about international critical infrastructure interdependencies to better prepare for “cascading impacts” arising from cyber incidents
The plan outlines activities for CISA officials to evaluate their success. One way is to track how much they have increased global partner actions to mitigate prioritized risks to foreign critical infrastructure. It will also count how many new U.S. government activities it has organized to increase cybersecurity in critical foreign infrastructure and supply chain areas. At the same time, CISA will monitor its effectiveness in getting more actions by American stakeholders to deter cyber disruptions of critical U.S. infrastructure operations connected to “foreign assets, systems and supply chains.”
“CISA seeks to expand visibility into internationally shared threats and systemic risks,” it stated. “The agency will also provide guidance, advice and expertise to help define and implement safe global standards, norms and best practices that support U.S. domestic cybersecurity interests.”
To achieve its goals, CISA stated that the report now creates the framework it can use to prioritize activities.
As part of its ongoing work with international partners, CISA recently jointly released (with the FBI and the Australian Cyber Security Centre) a guide for software manufacturers to help their products be more secure for customers. The online guide, issued Oct. 24, is called “Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers.”
Want more news? Listen to today's daily briefing below or go here for more info:
