What's Happening?
The Cybersecurity and Infrastructure Security Agency (CISA) has released an updated version of its Cross-Sector Cybersecurity Performance Goals (CPGs) to enhance the protection of critical infrastructure in the United States. Version 2.0 of the CPGs incorporates
feedback from hundreds of stakeholders in government and industry, aiming to provide practical, outcome-driven guidance for organizations. The updated goals include a new 'Govern' category to emphasize the role of business leaders in cybersecurity oversight, as well as consolidated goals for information and operational technology. New objectives focus on addressing supply-chain risks, implementing zero-trust architecture, and improving incident-response communications. These changes are designed to promote accountability, improve risk management, and support strategic cybersecurity governance across various sectors.
Why It's Important?
The updated cybersecurity benchmarks are crucial for strengthening the resilience of the nation's critical infrastructure against cyber threats. As cyberattacks become more sophisticated and frequent, it is essential for infrastructure operators, such as utilities, water treatment facilities, and hospitals, to have clear and actionable security guidelines. The enhancements in the CPGs aim to bridge the gap between IT and operational technology, ensuring a more integrated approach to cybersecurity. By providing measurable objectives and promoting strategic investments in cybersecurity, CISA's updated goals help organizations better protect their systems and data, ultimately safeguarding public safety and national security.
