The US CISA has unveiled its Cybersecurity Strategic Plan for the next fiscal years 2024-2026, focusing on three main goals and several objectives.
The first goals is ‘addressing immediate cyber threats’ by making it more difficult for threat actors to achieve their goals by targeting the networks of the US and its allies. The objectives include increasing visibility into threats and campaigns and increasing the ability to mitigate them, addressing critical and exploitable vulnerabilities, and conducting exercises and joint defense operations to ensure an effective response to urgent threats.
The second objective is ‘hardening the terrain’ by adopting strong security and resilience practices to reduce the likelihood of damaging attacks that include understanding how attacks occur and how they can be stopped, driving the implementation of measurably effective investments, and providing modern cybersecurity capabilities and services and measuring their effectiveness.
The third goal is ‘driving security at scale’ by prioritizing security as a fundamental safety issue that involves technology providers building security into their products and shipping them with secure defaults. Other objectives include reducing cybersecurity risks posed by new technologies and contributing to efforts to build a national cyber workforce.
As America’s Cyber Defense Agency, CISA serves a foundational role in the global cybersecurity community, but true and lasting security in cyberspace can only be achieved collaboratively. Government at all levels, industry, technology providers, the global community of cyber defenders, individual citizens, and others must all work together to achieve a secure cyber future.