Introduction
In 2024 [1] [2] [3] [4], the US Cybersecurity and Infrastructure Security Agency (CISA) underwent significant growth and transformation under the leadership of Director Jen Easterly [1] [2] [3]. Her tenure was marked by a strong emphasis on collaboration with various stakeholders to address escalating cybersecurity threats, particularly from China [4]. As she prepares to step down in January, Easterly’s efforts have laid a foundation for future advancements in cybersecurity.
Description
In 2024 [1] [2] [3] [4], the US Cybersecurity and Infrastructure Security Agency (CISA) experienced significant growth and transition under the leadership of Director Jen Easterly [1] [2] [3], who is set to step down in January [2]. During her tenure, Easterly underscored the importance of collaboration with industry partners [1] [3], state and local officials [1] [2] [3], and election stakeholders [1] [2] [3], particularly in light of escalating cybersecurity threats, especially from China. She noted that incidents like the “Salt Typhoon” breach represent only the “tip of the iceberg” in terms of cyberattacks targeting US critical infrastructure. These attacks are not solely aimed at information theft; they also serve as probes for potential disruptions in the event of a US-China conflict [4], which could lead to assaults on essential services such as pipelines, water facilities [4], transportation nodes [4], and communications [4], potentially inciting societal panic [4].
CISA’s Pre-Ransomware Notification Initiative (PRNI) saw substantial success [1] [3], with the agency sending 2,131 notifications in 2024, contributing to a total of 3,368 since its inception [1] [2] [3]. Key achievements included mitigating over 1,200 vulnerable devices [1] [2] [3], blocking 1.26 billion malicious connections targeting federal agencies [1] [2] [3], remediating over 861 vulnerabilities [1] [2] [3], and producing 427 vulnerability advisories [1] [2] [3]. Additionally, CISA released nearly 1,300 cyber defense alerts and advisories [1] [2] [3], including 58 joint-sealed cybersecurity advisories through the Joint Cyber Defense Collaborative (JCDC) [1] [2] [3]. The agency also enhanced cyber incident reporting resources and published the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Notice of Proposed Rulemaking [2] [3].
Efforts to secure “target rich [2] [3], cyber poor” sectors [1] [2] [3], such as water management [1] [2] [3], healthcare [1] [2] [3], and education [1] [2] [3], were undertaken in collaboration with the US Environmental Protection Agency (EPA) and the Department of Health and Human Services (HHS) [1] [2] [3]. The Secure by Design program expanded in 2024 [1] [2] [3], reaching 250 software manufacturers and gaining endorsements from the NSA [1] [2] [3], FBI [1] [2] [3], and 14 international partners [1] [2] [3]. CISA emphasized principles of customer security ownership [3], transparency [1] [3], and accountability [1] [3], while providing updated guidance for technology manufacturers and integrating security into educational programs to build a future workforce prioritizing secure design [3].
In April 2024 [1] [2] [3], CISA conducted the Cyber Storm IX exercise [2], simulating nation-state-sponsored cyber threats and involving over 2,200 participants from federal agencies [2], states [1] [2] [3] [4], private companies [1], and partner nations [1]. The agency’s primary focus was on countering threats from Chinese actors [1] [2] [3], identified as the most persistent cyber threat to the US [1] [2] [3].
In preparation for the November 2024 US Elections [2] [3], CISA launched the #Protect2024 portal [1] [2] [3], which became a central hub for election security guidance [2], amassing over 235,000 views and releasing 17 new security guidance products [1] [2] [3]. The agency also issued joint statements with the FBI and the Office of the Director of National Intelligence regarding foreign government activities targeting election infrastructure [3].
On October 29 [2], CISA released its first International Strategic Plan [1] [2] [3], aiming to enhance coordination with international partners and focus on securing AI systems [1] [2] [3]. The establishment of the Chief AI Officer role and participation in the Testing Risks of AI for National Security (TRAINS) taskforce were key developments [2]. In her closing remarks [1], Easterly emphasized the importance of collaboration among government [2], industry [1] [2] [3], academia [1] [2] [3], and international partners to protect critical infrastructure [1] [2] [3], expressing optimism for CISA’s future under new leadership [1] [2]. She also voiced her concerns regarding the naming of cyber threats, advocating for less glorifying terms to better reflect the harm intended by the attackers.
Conclusion
The initiatives and strategies implemented by CISA under Director Jen Easterly’s leadership have significantly bolstered the nation’s cybersecurity posture. By fostering collaboration across various sectors and focusing on proactive measures, CISA has effectively mitigated numerous threats and laid the groundwork for continued progress. As the agency transitions to new leadership, the emphasis on securing critical infrastructure and adapting to emerging challenges, such as AI-related risks, will remain crucial in safeguarding national security.
References
[1] https://www.infosecurity-magazine.com/news/cisa-2024-review-cyber-industry/
[2] https://osintcorp.net/cisas-2024-review-highlights-major-efforts-in-cybersecurity-industry/
[3] https://ciso2ciso.com/cisas-2024-review-highlights-major-efforts-in-cybersecurity-industry-collaboration-source-www-infosecurity-magazine-com/
[4] https://www.thecipherbrief.com/2024-10-great-cipher-brief-conversations
