Over the past four years, the Cybersecurity and Infrastructure Security Agency (CISA) has emerged as a vital force in shaping the nation’s cybersecurity landscape. Established to safeguard critical infrastructure and mitigate emerging cyber threats, CISA has steadily evolved to meet the ever-changing demands of national security.
As the U.S. heads into 2025 and beyond, a review of the agency’s most significant policy actions offers a window into its growing influence in ensuring the security and resilience of both the nation’s digital and physical infrastructures.
2024: A Renewed Focus on Critical Infrastructure Resilience
The most recent development came in April 2024, when the National Security Memorandum on Critical Infrastructure Security and Resilience (NSM-22) reinforced CISA’s leadership role. This memorandum formalized the agency’s position as the National Coordinator for the Security and Resilience of U.S. Critical Infrastructure, allowing CISA to implement a biennial risk management cycle aimed at reducing vulnerabilities within the nation’s infrastructure.
A critical part of this initiative is prioritizing collaboration with partners from both public and private sectors to assess risks across various industries. By actively engaging stakeholders, CISA aims to better understand sector-specific threats while mitigating risks at a national level.
One of the program’s most notable outcomes will be the creation of the 2025 National Infrastructure Risk Management Plan, which will guide federal efforts to safeguard critical infrastructure over the coming years.
2023: Strengthening Cybersecurity Strategies and AI Initiatives
The year 2023 marked a key moment in the country’s cybersecurity strategy with the release of the National Cybersecurity Strategy (NCS). This document, which outlines a comprehensive approach to cybersecurity, emphasizes the importance of strengthening collaboration between government agencies and industry leaders. Among the many actions highlighted, CISA played a central role in the following:
- Updating the National Cyber Incident Response Plan: This plan aims to streamline coordinated efforts during cyber incidents, ensuring a more efficient and cohesive response.
- Expanding Anti-Ransomware Efforts: CISA further solidified its commitment to combating ransomware through its leadership in the Joint Ransomware Task Force (JRTF), which continued its mission to reduce the impact of ransomware attacks through coordinated national efforts.
- Enhancing Collaboration with Industry Stakeholders: Through industry partnerships, CISA sought to improve operational security, ensuring that both public and private entities are well-equipped to face evolving threats.
As the nation grapples with the rise of artificial intelligence (AI), Executive Order 14110 in late 2023 emphasized CISA’s role in securing the development and use of AI systems. The order tasked CISA with helping stakeholders protect critical infrastructure from AI-related risks while also exploring the technology’s potential to enhance cybersecurity defenses.
This shift in focus highlights both the risks and opportunities AI presents for the cybersecurity ecosystem, positioning CISA at the intersection of innovation and security.
2022: Advancing Incident Reporting and Strengthening Ransomware Defense
2022 saw the enactment of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), a key law that requires critical infrastructure entities to report cyber incidents and ransomware payments to CISA within 24 hours. This legislation gave the agency a more direct role in responding to incidents and disseminating actionable intelligence to strengthen defenses across sectors. Timely reports enabled CISA to:
- Offer rapid assistance to victims of cyberattacks.
- Analyze incoming reports to spot emerging trends and threats.
- Share findings with network defenders to prevent further attacks.
The passage of CIRCIA also resulted in two vital programs aimed at addressing ransomware risks. The Joint Ransomware Task Force (JRTF), co-chaired by CISA and the FBI, coordinated a nationwide initiative to tackle ransomware head-on. This task force connected federal, state, local, tribal, and territorial (SLTT) agencies with private companies to form a united front against these attacks.
The Ransomware Vulnerability Warning Pilot (RVWP) was another milestone under CIRCIA. This program sought to identify common vulnerabilities that ransomware actors exploit and issued warnings to organizations with susceptible systems.
In 2023 alone, the RVWP issued over 1,700 vulnerability notifications, leading to significant improvements in cybersecurity practices, including patches and compensating controls for nearly half of the identified devices.
2021: Strengthening Cybersecurity Foundations in Response to SolarWinds
CISA’s pivotal role in strengthening U.S. cybersecurity foundations was most evident in the wake of the SolarWinds supply chain attack in late 2020. This attack, which compromised numerous federal agencies, led to the issuance of Executive Order 14028 in May 2021. The order tasked CISA with several high-priority actions:
- Improving Threat Information Sharing: By facilitating better communication between federal agencies and private organizations, CISA worked to improve the nation’s ability to detect and respond to cyber threats.
- Modernizing Federal Cybersecurity Standards: The order called for a modernization of cybersecurity practices across federal networks, an effort that would increase defenses against evolving cyber threats.
- Securing the Software Supply Chain: Given the vulnerabilities exposed by the SolarWinds attack, CISA worked to implement stronger security measures in software development and deployment, seeking to mitigate future risks.
In the same year, CISA also introduced the Cybersecurity Performance Goals (CPGs), a set of best practices designed to help smaller organizations strengthen their cybersecurity. These guidelines were developed through extensive consultations with industry experts and aimed to provide organizations with a clear, actionable framework to prioritize security measures.
Looking Ahead
CISA, with its bold approach and growing influence, is not just keeping pace but actively shaping the future of national cybersecurity. As we move into 2025, the agency’s strategic partnerships with federal and state governments, private companies, and international allies will be the cornerstone of a new era in defense against cyber threats.
With AI at the helm of next-gen cybersecurity innovations, CISA is poised to lead the charge, harnessing the power of technology to outsmart and outpace cyber adversaries. Yet, the journey ahead will be anything but easy—new threats will emerge, old ones will evolve, and the demand for resilience will only grow.
What will the next chapter look like? As CISA continues to redefine the landscape, only one thing is certain: The battle for cybersecurity is far from over, and the coming years will be pivotal in determining whether the U.S. can stay one step ahead.
