CISA Looks to Global Cooperation for Strategic Plan Against Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) unveiled its global plan for partnering internationally against cyber threats and attacks. Together with the Department of Homeland Security, the State Department, and others, CISA’s plan aims to enhance critical infrastructure resilience, secure global supply chains, and improve intelligence sharing with international cyber authorities.

Nathan Eddy at Security Boulevard writes that with a more unified global approach to cyber defense, CISA hopes to enhance the resilience of foreign infrastructure critical to the US, fortify integrated cyber defense, and streamline agency coordination on international efforts.

In mitigating risks to the supply chain, CISA emphasizes transparency with vendors. Eddy writes, “By enforcing stringent assessments and requiring detailed disclosures from software, hardware, and communication suppliers, CISA aims to identify and address potential vulnerabilities before they can impact US systems.” In the past couple of years, CISA has published numerous alerts—and pleas—on the state of cyber hygiene, and the steps organizations must take to mitigate risk for IT, IoT, and OT systems.

John Terrill, the CISO for Phosphorus Cybersecurity, calls the structure of the plan thoughtful and suspects the initial public announcements will resemble some of the recent joint operations taking down bad actors and botnets globally. He points out that the nature of cyber attacks is that they exist outside of physical borders while the threat actors themselves do not.

“As we’ve seen in kinetic environments all over the world, the necessity to work in conjunction with our partners has never been more important,” he said. “Applying this successful strategy to the cyber domain is an intuitive idea.”

Terrill tells Security Boulevard that in leveraging international partners with American intelligence and cyber expertise, this level of coordination could be a force multiplier for detecting and deterring bad actors. Read more on the plan and the response from experts here.