The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken a significant step forward by introducing its first international strategic plan in an effort to help contain cyber threats that continue to transcend national borders. The initiative recognizes that protecting America's digital infrastructure requires robust global collaboration.
The launch of the international strategic plan reflects the evolving nature of cybersecurity challenges. Modern cyber threats don't respect geographical boundaries—a ransomware attack originating in one country can quickly impact organizations worldwide. This interconnected reality demands coordinated international response and prevention strategies.
To effectively marshal its resources and guide operations, CISA issued the 2023-2025 CISA Strategic Plan, the agency's first comprehensive strategic plan since CISA's establishment in 2018. In recognition of the reality that today's threats transcend borders, CISA developed its International Strategic Plan as a complementary guide for the agency's international activities and outcomes.
Through the goals and objectives outlined in the CISA International Strategic Plan—in coordination with the Department of Homeland Security (DHS), the Department of State, and partners across the interagency, and in accordance with U.S. national security, economic, and foreign policy priorities—CISA will assess and prioritize critical infrastructure dependencies and partner with foreign entities to advance CISA's homeland security mission.
"In following this plan, CISA will improve coordination with our partners and strengthen international relationships to reduce risk to the globally interconnected and interdependent cyber and physical infrastructure that Americans rely on every day," CISA Director Jen Easterly said in a press release.
The nine-point plan aims to build, strengthen, and sustain international relationships to:
1. Advance homeland and national security objectives
2. Prevent incidents and increase resilience of physical and cyber critical infrastructure at home and abroad
3. Increase awareness to detect, deter, and disrupt emerging threats and hazards
4. Manage and reduce systemic risks
5. Increase understanding of international critical infrastructure interdependencies and anticipate cascading impacts
6. Influence international policy, standards, and best practices
7. Assist key partners to address their capability shortfalls
8. Expand bilateral/multilateral exchanges of expertise, in tandem with increased federal inter- and intra-agency coordination, to improve risk management and incident response capacity
9. Mature and strengthen CISA's international partnerships, arrangements, and policies
According to the new plan's executive summary, the CISA International Strategic Plan goals are:
Goal 1: Bolster the Resilience of Foreign Infrastructure on Which the U.S. Depends
Recognizing that much of U.S. critical infrastructure interconnects and/or is interdependent with foreign assets, systems, or networks, CISA will work closely with domestic and international partners to bolster the security and resilience of the international critical infrastructure on which the U.S. depends. These interconnections and interdependencies span the full range of critical infrastructure sectors: pipelines, telecommunications, and essential supply chains, among others. Malicious cyber actors continue to exploit vulnerabilities across these sectors to target critical infrastructure through ransomware and other cyberattacks.
Goal 2: Strengthen Integrated Cyber Defense
Cybersecurity threats extend beyond national borders. Strong international cyber defense partnerships set conditions that reduce risk and minimize the impact of attempts to infiltrate, exploit, disrupt, or destroy critical infrastructure systems that support our national critical functions (NCFs). Engaging international partners allows CISA to build trust, illuminate threats, and facilitate the free flow of cybersecurity defense information.
Goal 3: Unify Agency Coordination of International Activities
An effective international plan depends on unity of effort across the agency's divisions and mission enabling offices. Accomplishing unity of effort will require that CISA internally prioritizes, coordinates, deconflicts, and aligns international activities through improved organization and governance, integrated functions, and a well-trained workforce.
"These goals position CISA strategically with a posture that reinforces critical partnerships abroad to overcome complex and interconnected challenges," according to the plan. "The strategic approach aligns CISA with the broader U.S. government as well as our international partners to enable access, develop capacity, and ensure the flexibility to support national efforts to compete globally against state and non-state actors."
Related News
The U.S. recently convened the fourth annual Counter Ransomware Summit in Washington, D.C., in an attempt to reach global consensus on steps to deter ransomware payments.
The State Department has also ramped up efforts in recent months to counter nation-state activity and raise regional security standards by strengthening ties with allies in Asia-Pacific.
CISA took a pioneering step in the realm of artificial intelligence and cybersecurity by appointing its first Chief Artificial Intelligence Officer, Lisa Einstein. The move, announced on August 1, 2024, underscores the growing importance of AI in national and international security and sets a precedent that other organizations may soon follow.
