CISA looks to global collaboration as fraught US election begins
The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats
The United States’ Cybersecurity and Infrastructure Security Agency (CISA) this week launched a two-year International Strategic Plan – its first ever – aligning with domestic plans and policies and focusing on organisations beyond the US’ borders to strengthen security and resilience.
The agency said that the risks faced by US federal agencies, state and local governments, other public sector bodies, and operators of critical national infrastructure (CNI) were complex, geographically distributed and did not abide by borders, requiring the concerted efforts of industry and partner agencies, such as the UK’s National Cyber Security Centre (NCSC), all over the world.
“In following this plan, CISA will improve coordination with our partners and strengthen international relationships to reduce risk to the globally interconnected and interdependent cyber and physical infrastructure that Americans rely on every day,” said CISA director Jen Easterly.
The International Strategic Plan focuses on three core pillars:
- Improving the resilience of global infrastructure on which the US depends;
- Strengthening integrated cyber defences;
- And unifying agency coordination of activities beyond the US.
It also hopes to help do more to prevent incidents, disrupt threats and reduce systemic risk; improve global awareness and understanding of dependencies; influence international policy, standards and best practice; help key partners address cyber capability shortfalls; and expand bilateral and multilateral exchanges of expertise.
Emily Phelps, director of Cyware, a threat intelligence specialist, commented: “CISA’s 2025-2026 International Strategic Plan underscores the urgency of an interconnected approach to securing critical infrastructure across borders.
“As cyber threats grow increasingly complex and far-reaching, swift, collaborative information-sharing becomes essential to mitigate risks that could impact not just a single nation but the global landscape. CISA’s commitment to bolstering the resilience of international assets and systems vital to US security reflects a forward-thinking acknowledgement of interdependencies in today’s cyber ecosystem,” she said.
Phelps welcomed the focus on strengthening integrated security defences and establishing clearer governance structures, describing them as a “strategic leap” towards a more cohesive approach to shared threats.
“This approach…can set a precedent for global cybersecurity initiatives, reinforcing that collective defence is the linchpin in navigating future cyber challenges,” she said.
CISA’s future
CISA was established during the first administration of president Donald Trump in 2018 as a successor body to the National Protection and Programs Directorate (NPPD) within the Department for Homeland Security (DHS).
It ran afoul of Trump following the contested 2020 presidential election, when it rebutted his false claims that electronic voting systems were compromised, saying there was absolutely no evidence of this.
This incident cost founding director Christopher Krebs his job, but CISA has rebounded under president Biden with new leadership, although US lawmakers have expressed concerns that it may find its operations drastically cut back under a second Trump administration.
Regardless of its future, CISA is continuing to monitor and protect US election systems from malicious interference – which has usually come from nation-state actors.
This week, it launched a one-stop shop website under the auspices of its ongoing #Protect2024 project, to provide US citizens with information on cyber threats and disinformation surrounding the Tuesday 5 November poll.
Some of its recent work on election includes the disruption of a Russian deepfake disinformation campaign in the form of a video that appeared to depict an individual destroying paper ballots in the state of Pennsylvania. The material has been thoroughly debunked.
“This Russian activity is part of Moscow’s broader effort to raise unfounded questions about the integrity of the US election and stoke divisions among Americans, as detailed in prior ODNI [Office of the Director of National Intelligence] election updates,” a spokesperson for CISA said.
“In the lead up to election day and in the weeks and months after, the IC expects Russia to create and release additional media content that seeks to undermine trust in the integrity of the election and divide Americans.”
Read more about CISA’s work
- CISA director Jen Easterly emphasised at Black Hat 2024 that election stakeholders cannot be complacent because ‘the threat environment has never been so complex’.
- CISA and partners released a cyber security advisory regarding threat actors, such as Pioneer Kitten and UNC757, some of which have ties to the Iranian government.
- CISA executive director Brandon Wales speaks with TechTarget Editorial to discuss CIRCIA and the importance of incident reporting to the larger cyber security ecosystem.
Originally published at ECT News