CISA debuts 2025-2026 International Strategic Plan to boost global cybersecurity collaboration
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released its 2025-2026 International Strategic Plan to serve as a complementary guide for its international activities and outcomes. The document recognizes the complexity and geographical dispersion of the risks faced, emphasizing that objectives cannot be achieved in isolation. Expanding visibility into internationally shared systemic risks is crucial. The maturity and security practices of global owners and operators of cyber and physical infrastructure, technology, supply chains, and systems vary significantly. Sharing timely, relevant, and accurate threat information and risk reduction advice with international partners lays the foundation for a more secure cyber-physical environment globally.
The CISA International Strategic Plan lays three goals that it must achieve to address the ever-changing and dynamic challenges facing America and its international partners. The first two goals focus on ‘what’ the agency will work on in the international environment to achieve the ‘why.’ The objectives are to minimize risks and enhance the resilience of foreign assets, systems, and networks that affect U.S. critical infrastructure, comprehend common global threats to critical infrastructure, and bolster collective defense efforts. The third goal focuses internally on promoting unified action, working as One CISA to conduct international activities.
Through the goals and objectives outlined in the CISA International Strategic Plan, and in coordination with the Department of Homeland Security (DHS), the Department of State, and partners across the interagency, and under U.S. national security, economic, and foreign policy priorities, the CISA will assess and prioritize critical infrastructure dependencies and partner with foreign entities to advance CISA’s homeland security mission.
“In following this plan, CISA will improve coordination with our partners and strengthen international relationships to reduce risk to the globally interconnected and interdependent cyber and physical infrastructure that Americans rely on every day,” Jen Easterly, CISA director said in a media statement.
The approach laid out in this CISA International Strategic Plan aligns with the guidance set forth in the National Security Strategy, National Cybersecurity Strategy, U.S. International Cyberspace and Digital Policy Strategy, CISA Strategic Plan 2023–2025, CISA Stakeholder Engagement Strategic Plan FY 2023-2025, and CISA Cybersecurity Strategic Plan 2024–2026, as well as the identified priorities of the Secretary of Homeland Security.
The CISA International Strategic Plan and the U.S. International Cyberspace and Digital Policy Strategy align to bolster and broaden international alliances to mature cyber defense efforts, domestically and internationally. This involves fostering collaborative relationships with global partners; sharing expertise, technical resources, and best practices; and collectively fortifying cyber resilience to address emerging threats in an interconnected world. The approach advances the resilience of critical infrastructure dependencies at home and abroad, as well as ensures a long-term commitment to strengthening international partnerships that are essential for CISA’s mission success.
As part of coordinated U.S. government efforts, CISA will proactively engage and support international partners to assess, influence, and assist with reducing risk and strengthen the security and resilience of foreign assets, systems, and networks on which the nation’s critical infrastructure depends.
As threats evolve across the spectrum of competition with state and non-state actors, no single organization or entity has all the answers for how to address cyber and physical threats to critical infrastructure. Therefore, CISA will prioritize operational collaboration and international activities to achieve mutual interests and goals with partners.
The plan centralizes CISA’s focus and coordination on goals and objectives that increase homeland and national security. More importantly, it positions CISA to support the internal coordination of international activities through the execution of annual planning cycles. The CISA International Strategic Plan seeks to streamline or eliminate overlapping and redundant systems to synchronize complex international issues that cut across the agency.
The aim is to build, strengthen, and sustain international relationships to advance homeland and national security objectives; prevent incidents and increase the resilience of physical and cyber critical infrastructure at home and abroad; increase awareness to detect, deter, and disrupt emerging threats and hazards; manage and reduce systemic risks; and increase understanding of international critical infrastructure interdependencies and anticipate cascading impacts.
It also helps influence international policy, standards, and best practices; assist key partners to address their capability shortfalls; expand bilateral/multilateral exchanges of expertise, in tandem with increased federal inter- and intra-agency coordination, to improve risk management and incident response capacity; and mature and strengthen CISA’s international partnerships, arrangements, and policies.
Recognizing that much of U.S. critical infrastructure interconnects and/or is interdependent with foreign assets, systems, or networks, CISA will work closely with domestic and international partners to bolster the security and resilience of the international critical infrastructure on which the U.S. depends. These interconnections and interdependencies span the full range of critical infrastructure sectors: pipelines, telecommunications, and essential supply chains, among others.
“Malicious cyber actors continue to exploit vulnerabilities across these sectors to target critical infrastructure through ransomware and other cyberattacks. The threat from global terrorism remains a persistent concern and a significant threat to U.S. and international facilities,” according to the CISA International Strategic Plan. “Thus, it is essential for CISA to work with partners to assess and reduce risk from foreign critical dependencies impacting U.S. critical infrastructure resilience. In doing so, CISA must strengthen exchanges with international partners that promote our priorities abroad as well as influence standards, regulations, and policies to advance homeland and national security objectives.”
Further, a collaborative approach to understanding interconnected critical infrastructure systems will set conditions for the U.S. and its international partners to proactively develop strategies, policies, and programs that integrate risk reduction efforts and reflect mutual and multi-stakeholder security interests at home and abroad.
In coordination with the Department of State and relevant U.S. government partners, CISA will broaden its understanding of systemic risk by expanding visibility into infrastructure and supply chain vulnerabilities for priority foreign critical infrastructure upon which the U.S. depends.
The suggested measure of effectiveness includes increasing the number of U.S. government activities coordinated by CISA to advance the security and resilience of prioritized foreign critical infrastructure and supply chains; increasing the number of global partner actions taken to address risks to prioritized foreign critical infrastructure; and increasing the number of domestic partner actions taken to mitigate potential disruptions of U.S. critical infrastructure operations resulting from dependencies with foreign assets, systems, and supply chains.
CISA will also expand its ability to execute joint operational activities, capacity development efforts, and shared policy frameworks that advance U.S. priorities for defending cyberspace and protecting U.S. critical infrastructure.
As a measure of effectiveness, CISA will seek to increase the number of joint operational activities conducted with global partners to build public and private capacity to deter, prevent, protect, and respond to incidents to critical infrastructure; and increase information-sharing exchanges with global partners to promote U.S. security and resilience priorities and enhance CISA’s programs, services, and products.
CISA holds a shared approach to international standards, regulations, guidelines, and best practices for critical infrastructure security and critical emerging technologies, including artificial intelligence (AI). This will help accelerate standards that contribute to interoperability and promote U.S. competitiveness and innovation with its partners.
The agency will advance open, transparent, and rules-based standards processes to ensure that globally relevant standards meet U.S. national security requirements for critical infrastructure.
It will work with partners to counter the influence of adversaries attempting to unduly shape standards in a manner that would represent a threat to national security. In coordination with government, industry, and academic partners, increase the development and publication of technical standards for adoption by international standards and policy-setting bodies that advance the protection, interoperability, and resilience of U.S. critical infrastructure.
The CISA International Strategic Plan prescribes that international cyber defense partnerships set conditions that reduce risk and minimize the impact of attempts to infiltrate, exploit, disrupt, or destroy critical infrastructure systems that support our national critical functions (NCFs). Engaging international partners allows CISA to build trust, illuminate threats, and facilitate the free flow of cybersecurity defense information. The agency will work with partners, international organizations, and nongovernmental organizations to influence global cybersecurity practices and standards that promulgate cyber safety and security at scale. Bolstering the capabilities of key partners improves its collective cyber defense abroad against state and non-state actors.
The document offers an effective international plan depending on the unity of effort across the agency’s divisions and mission-enabling offices (offices). Accomplishing unity of effort will require that CISA internally prioritizes, coordinates, deconflicts, and aligns international activities through improved organization and governance, integrated functions, and a well-trained workforce.
In conclusion, the CISA International Strategic Plan delivers robust and trusted international partnerships that serve as a force multiplier across the spectrum of global competition. Successful partnerships require commitment, dedication, and time to build trust. In coordination with DHS and the State Department, CISA will develop, strengthen, and sustain these relationships.
The CISA International Strategic Plan provides a framework to build and maintain an agency posture with international partners to enable the U.S. to compete with and prevail against current and future threats. Importantly, this plan addresses multiple challenges under different conditions and creates the framework to prioritize agency efforts.
These goals position CISA strategically with a posture that reinforces critical partnerships abroad to overcome complex and interconnected challenges. The strategic approach aligns CISA with the broader U.S. government as well as its international partners to enable access, develop capacity, and ensure the flexibility to support national efforts to compete globally against state and non-state actors.
The CISA International Strategic Plan also creates opportunities for shared success and is a process; therefore, the agency will review progress quarterly. “Unpredictability in the international security environment, or obstacles to our progress, may drive us to change course. We will remain agile and shift our focus to ensure we are integrating the right people, processes, technology, and partners at the right time, place, and space for mission success. Just as our threats and adversaries adapt to and shape the cyber and physical security environment, CISA will continue to evolve to fulfill the vision of a secure and resilient infrastructure for the American people—this CISA International Strategic Plan establishes a proactive path to achieve that vision,” it added.
link