Introduction
The US Cybersecurity and Infrastructure Security Agency (CISA) has launched its first International Strategic Plan for fiscal years 2025–2026 [2] [3] [4] [7]. This plan marks a pivotal step in enhancing national security through international collaboration, focusing on addressing cyber and physical threats that cross borders. It aligns with national directives and emphasizes the importance of global partnerships to strengthen resilience and cooperation.
Description
The US Cybersecurity and Infrastructure Security Agency (CISA) has established its inaugural International Strategic Plan for fiscal years 2025–2026 [2] [3] [4] [5], representing a significant advancement in the agency’s comprehensive approach to enhancing national security through international collaboration. This initiative underscores the necessity of proactive engagement with global partners to address complex and geographically dispersed cyber and physical threats that transcend borders, thereby strengthening global resilience and cooperation. The plan emphasizes the importance of identifying priority infrastructures essential for US security and enhancing visibility into internationally shared systemic risks, aligning with key national directives such as the National Security Strategy and the National Cybersecurity Strategy [5].
CISA outlines three primary goals within this strategic framework, supported by specific objectives aimed at improving cybersecurity resilience and fostering international relationships. The first goal is to bolster the resilience of foreign infrastructure that impacts US interests. This involves close collaboration with interagency and international partners to identify essential systems [2], assess vulnerabilities [2] [5] [7], and develop strategies for managing shared risks [2]. The agency aims to enhance communication regarding incident reporting and threat information while advocating for the establishment of global security standards, particularly concerning emerging technologies and chemical security. Additionally, CISA seeks to track the effectiveness of global partnerships in mitigating risks to foreign critical infrastructure and monitor actions taken by American stakeholders to prevent cyber disruptions affecting US infrastructure linked to foreign systems and supply chains.
The second goal focuses on strengthening integrated cyber defense [2]. CISA plans to engage with bilateral and multilateral Computer Security Incident Response Teams (CSIRTs) and work alongside international organizations and non-governmental organizations (NGOs) to promote global cybersecurity practices and standards. This includes advocating for responsible state behavior in cyberspace and encouraging the adoption of secure design principles [2]. By expanding its network of trusted partners through bilateral and multilateral engagements [2], CISA seeks to facilitate the exchange of operational information and enhance partners’ capabilities to detect threats and implement real-time risk reduction measures [2]. The agency also aims to improve risk management and incident response through increased information sharing [6], gaining insights into international infrastructure interdependencies to prepare for potential cascading impacts from cyber incidents [6].
The third goal is to unify agency coordination of international activities to streamline CISA’s efforts abroad. This will involve establishing a governance structure to guide its international initiatives, improving information sharing within the agency to maintain situational awareness [2], and enhancing workforce skills for effective engagement in the international arena [2]. This includes training for overseas deployments and guidance on international affairs etiquette [2]. CISA has intensified its international partnership initiatives in response to significant security threats, particularly those linked to state actors, collaborating with countries like Australia, the United Kingdom [1], Germany [1], the Netherlands [1], New Zealand [1], Japan [1], and South Korea to enhance intelligence sharing and address vulnerabilities in global supply chains.
CISA’s commitment to international cooperation is further exemplified by initiatives such as the Counter Ransomware Summit, aimed at establishing a global consensus on deterring ransomware payments [7], and the Information and Communications Technology Supply Chain Risk Management Task Force [7], which seeks to unify global security standards among partner agencies [7]. These efforts are part of a broader strategy by the Biden administration to foster international cooperation for a more secure global ecosystem [7], particularly in light of evolving threats to critical infrastructure. Through these initiatives, CISA recognizes the importance of understanding international critical infrastructure interdependencies and managing systemic risks to enhance national security and public safety, positioning the agency as a leader in infrastructure protection and ensuring a resilient future [4]. Additionally, CISA has collaborated with the FBI and the Australian Cyber Security Centre to release a guide for software manufacturers [6], titled “Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers,” aimed at improving product security for users [6].
Conclusion
CISA’s International Strategic Plan for 2025–2026 is a crucial step in fortifying global cybersecurity and infrastructure resilience. By fostering international collaboration [1] [5] [7] [8], enhancing communication, and establishing global security standards, CISA aims to mitigate risks and address vulnerabilities in critical infrastructure. These efforts are vital for ensuring national security and public safety in an increasingly interconnected world, positioning CISA as a leader in global infrastructure protection [4].
References
[1] https://executivegov.com/2024/10/cisa-international-cyber-roadmap/
[2] https://www.infosecurity-magazine.com/news/cisa-international-cybersecurity/
[3] https://insidecybersecurity.com/daily-news/cisa-releases-international-strategic-plan-laying-out-goals-strengthen-partnerships
[4] https://cybermaterial.com/cisa-unveils-its-first-international-plan/
[5] https://thecyberexpress.com/cisa-unveils-strategic-plan-for-2025-2026/
[6] https://www.ttnews.com/articles/cisa-cyber-plan-us-infrastructure
[7] https://www.cybersecuritydive.com/news/cisa-international-strategic-plan-cyber/731473/
[8] https://www.cisa.gov/news-events/news/cisa-releases-its-first-ever-international-strategic-plan
