The Cybersecurity and Infrastructure Security Agency (CISA) recently released its first, comprehensive Strategic Plan, intended to guide its efforts over the next three years. CISA notes the Strategic Plan focuses on how the agency and its partners will collectively reduce risk and build resilience to cyber and physical threats to the nation’s infrastructure.
To achieve the outcome of reduced risk and increased resilience, the Strategic Plan describes four goals. Three of these goals focus on “how” the agency will work to reduce risk and build resilience. First, CISA aims to "spearhead the national effort to ensure the defense and resilience of cyberspace." Second, it "will reduce risks to, and strengthen the resilience of, America’s critical infrastructure." And third, it "will strengthen whole-of-nation operational collaboration and information sharing." The fourth goal focuses internally to ensure the agency is in a strong position to execute the CISA Strategic Plan, working as "One CISA." With the release of the Strategic Plan, CISA also notes it is developing internal measures of performance and effectiveness to better track progress toward reducing risk and achieving its goals. Access the Strategic Plan at CISA and below.