The U.S. has launched an international strategy called CISA Global that joins with international partners to intensify defense against cyber incidents, enhance security and resilience of critical infrastructure, identify and address significant risks to national critical functions, and provide seamless and secure emergency communications.
By working with multinational stakeholders, CISA will get an opportunity to explore ways to prioritize and sustain investments, such as providing more readily accessible resources for cybersecurity capacity building overall.
Using the CISA Global strategy, the Cybersecurity and Infrastructure Security Agency (CISA) will work towards advancing operational co-operation, building partner capacity, strengthening collaboration through stakeholder engagement and outreach, and helping in shaping the global policy ecosystem. Working with foreign partners will improve CISA’s capacity to share threat information, mitigate advice, and adopt ideal practices that help to reinforce good cyber hygiene, and bolster resiliency within respective systems and critical infrastructure, which in turn will foster a safer cyber-physical ecosystem for all parties.
“There are no borders to the cyber risks we face, and now – more than ever – we must work together,” Brandon Wales, acting CISA director, said in a news release last week. “CISA Global describes how we will engage with international partners to build CISA’s capacity and strengthen our ability to defend against cyber incidents, enhance the security and resilience of critical infrastructure, identify and address the most significant risks to critical functions, and provide seamless and secure emergency communications.”
Recent cybersecurity attacks, such as the SolarWinds supply chain attack and the Oldsmar water plant hack have created an atmosphere of heightened security threats, which must be immediately brought under control.
Earlier this month, industrial cybersecurity company Claroty revealed a 25 percent rise for the second half of 2020 in industrial control system (ICS) vulnerabilities compared to 2019, with over 70 percent of flaws remotely exploitable through network attack vectors, apart from a 33 percent jump in ICS loopholes from the first half of last year.
With its new strategy, CISA aims to provide a more open, interoperable, reliable, and secure interconnected world that fosters a global operational and policy environment where government and industry security professionals and risk managers can collectively stop threats and address risks to critical infrastructure, while engaging with stakeholders and building capacity.
Using CISA Global, the security agency aims to promote security and resilience measures across critical infrastructure sectors, in addition to promoting global communications infrastructure assets and systems, including internet connectivity that is open, interoperable, reliable and secure.
As CISA strives to expand its global partnerships, it “must ensure that our international engagement and related operations reflect broader U.S. national security, economic, and foreign policy goals to identify and implement cyber and infrastructure security objectives,” wrote Wales in a CISA Global report.
Operational cooperation is characterized by mutually sharing of beneficial information that informs and enhances relationships. Through such international operational cooperation, CISA can improve its collective situational awareness, and is able foster innovative approaches for responding to and mitigating threats and hazards to critical infrastructure and cybersecurity.
Developing CISA’s alliances into trusted relationships will enable critical operational information sharing that can improve communications capabilities, foster an environment for joint operations, and support resilience efforts – whether that be by sharing operational best practices, working on joint exercises, addressing threat information and related mitigation advice, or collaborating in a fashion so as to align security and defense efforts with like-minded partners.
CISA aims to build and to mature partnerships to create channels of communication that facilitate the exchange of information, best practices, ideas, and lessons-learned, while being timely and relevant to ongoing global efforts to address common issues. Through stakeholder engagement and outreach, CISA is not only able to raise awareness to a broader audience but is also able to maintain a platform amenable to U.S. initiatives and priorities.
The security agency will collaborate and coordinate with international partners to enhance awareness and ability to systematically address hybrid risks and emerging threats to maintain international stability and develop international standards that guard against risk to Information and communications technology (ICT) and mitigate supply chain risks.
Through cooperation with the Department of Homeland Security (DHS), CISA will guide overall U.S. government efforts to work bilaterally, regionally and multilaterally with foreign counterparts in order to promote adoption of standards, regulations and policies that support a homeland and global community that is safe, secure and resilient to threats and hazards.
Given the dynamic threat landscape and significant developments in global cybersecurity and infrastructure security related policies, the U.S. government must remain fully engaged to shape an environment that will preserve our national security interests, economic security interests, and competitiveness into the future. CISA has a key role to play in these efforts and will actively work with international partners to defend today and secure tomorrow, it added.