ICYMI: Cyber Programs at CISA

Written By Annie Hunziker

Keeping up with cyber news in the critical infrastructure space doesn’t mean reading everything…. it means knowing where to look.

  1. Start with the Cybersecurity and Infrastructure Security Agency’s Cybersecurity Performance Goals. They’re becoming a baseline for what “good” looks like—and if you’re running into challenges implementing them, that feedback is worth sharing: https://www.cisa.gov/cross-sector-cybersecurity-performance-goals

  2. Keep an eye on Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) as the rulemaking evolves. It will reshape incident reporting, and upcoming Town Halls are an easy way to stay informed and weigh in: https://www.cisa.gov/topics/cyber-threats-and-advisories/information-sharing/cyber-incident-reporting-critical-infrastructure-act-2022-circia

    • Note: As of 4/15/26 the Town Halls are on hold until the Department of Homeland Security has appropriations.

  3. For day-to-day awareness, don’t overlook CISA’s own tools—like malware analysis and Cyber Hygiene services—or your regional advisors:

    https://www.cisa.gov/resources-tools/services/malware-next-generation-analysis

    https://www.cisa.gov/cyber-hygiene-services

    https://www.cisa.gov/about/regions

  4. Finally, track the shift toward Secure by Design. It’s quickly becoming the expectation, not the exception: https://www.cisa.gov/securebydesign

Annie Hunziker
Next

EVENT: 4.16-4.17 AFPM Security Conference