InfoSecBulletin Cybersecurity for mankind
The US Cybersecurity and Infrastructure Security Agency (CISA) has released its first international strategic plan to enhance global cooperation in addressing cyber threats to critical infrastructure.
The plan recognizes that cyber risks are complex and spread across different regions, highlighting the importance of quickly sharing threat information and risk reduction advice with international partners.
CYDES 2025 Reinforces Malaysia’s Vision of Secure and Trusted Digital Nation
Cisco alerts that Unified CM has hardcoded root SSH credentials
CYDES 2025
MCSS to implement 6 strategic goals with 7 objectives over 6 year: NACSA Chief
CYDES 2025
Malaysia placed cybersecurity heart of the regional agenda: DPM Ahmad Zahid
Amid Meta moves; OpenAI is largely shutting down next week: Wired
Canada orders Hikvision to close operations over national security
First couple “Rosie” to conceive using AI tech “STAR” successfully
Scattered Spider Actively Attacking Aviation and Transportation: FBI
Russia’s restrictions on Cloudflare making websites inaccessible
61 million Verizon records allegedly posted online for sale
CISA Director Jen Easterly commented: “In following this plan, CISA will improve coordination with our partners and strengthen international relationships to reduce risk to the globally interconnected and interdependent cyber and physical infrastructure that Americans rely on every day.” This plan builds on CISA’s first Strategic Plan from August 2023.
CISA International Strategic Plan Goals:
The new plan sets out three goals for CISA to achieve over the 2025-2026 period. These are:
Goal 1: Bolster the Resilience of Foreign Infrastructure on which the US Depends:
CISA will work with interagency and international partners to identify and understand which international systems and assets are truly critical to the nation’s critical infrastructure and assess how they are vulnerable to create strategies to manage shared risks.
It will enhance awareness of international threats and risks by improving communication with external partners about incident reporting and threat information.
CISA will collaborate with partners to develop global regulations and guidelines that enhance the cyber resilience of critical infrastructure, including emerging technology, chemical security, emergency communications, and school safety.
Goal 2: Strengthen Integrated Cyber Defense:
CISA will collaborate with partners, global groups, and NGOs to promote effective cybersecurity practices and standards for better cyber safety and security.
This involves promoting responsible state behavior in cyberspace and encouraging partners to adopt secure design principles.
The agency seeks to strengthen its network of trusted partners through CSIRT engagements. These partnerships will facilitate the sharing of useful information, including product updates, vulnerability alerts, victim notifications, and tactics.
Goal 3: Unify Agency Coordination of International Activities:
The CISA Stakeholder Engagement Division (SED) will create a team to guide international activities and clearly define the agency’s international priorities.
To achieve this goal, CISA needs to enhance systematic information sharing for better situational awareness of current and future international activities.
CISA will work on enhancing its workforce’s skills to better impact the international system. This involves training for employees deploying abroad and offering guidance on international etiquette for all travelers.
