The Cybersecurity and Infrastructure Security Agency (CISA) has released its strategic plan for fiscal years 2024 through 2026   . This plan aligns with the National Cybersecurity Strategy released by the White House and aims to enhance the nation’s cybersecurity preparedness.
CISA’s strategic plan serves as a guide for implementation, resource allocation , and operational planning within the agency . It emphasizes collaboration , innovation , and accountability to address imminent threats to networks within the U.S.  and increase barriers to cyber intrusions . The plan focuses on three goals: addressing immediate threats   , strengthening security measures , and driving security at scale     . Each goal is supported by three objectives , outlining CISA’s scope for the next three years .
The plan includes specific measures of effectiveness to assess progress  , such as improvements in detecting adversary activity and fixing known vulnerabilities . CISA aims to work with partners to gain visibility into intrusions , disrupt threat actor campaigns , and mitigate exploitable conditions . They also aim to promote strong security practices , provide guidance for effective security investments , and prioritize cybersecurity as a safety issue  . Additionally, CISA plans to contribute to efforts in understanding and reducing risks posed by emerging technologies and building a diverse national cybersecurity workforce .
The plan highlights the importance of a whole-of-government and whole-of-nation approach to cybersecurity and the need to expand and modernize capabilities and services . Collaboration between government and private sectors is crucial for creating a safer future . CISA acknowledges the need for periodic re-evaluation of strategic priorities due to changes in the threat and technology environments and recognizes the importance of helping resource-poor organizations prioritize security measures.
The plan mentions taking a data-driven approach to identify practices that reduce cyber risk and promote software transparency . It emphasizes a voluntary , trust-based collaboration with the private sector . However, it does not focus on software supply chain risk , despite earlier calls to address this issue in CISA’s National Cybersecurity Strategy .
CISA’s strategic plan for fiscal years 2024 through 2026 aims to enhance the nation’s overall cybersecurity preparedness . By addressing immediate threats      , strengthening security measures , and driving security at scale     , CISA aims to improve the resilience of networks within the U.S. The plan emphasizes collaboration, innovation , and accountability , and highlights the importance of a whole-of-government and whole-of-nation approach to cybersecurity . Moving forward, CISA will continue to adapt its strategic priorities to address evolving threats and technology environments, while also prioritizing the needs of resource-poor organizations.