The U.S. Department of Homeland Security (DHS) recently released Cybersecurity Performance Goals (CPGs) to aid businesses and critical infrastructure owners in considering measures to protect against cyber threats.
“Organizations across the country increasingly understand that cybersecurity risk is not only a fundamental business challenge but also presents a threat to our national security and economic prosperity,” Secretary of Homeland Security Alejandro N. Mayorkas said. “The new Cybersecurity Performance Goals will help organizations decide how to leverage their cybersecurity investments with confidence that the measures they take will make a material impact on protecting their business and safeguarding our country.”
DHS developed the CPGs through the Cybersecurity and Infrastructure Security Agency (CISA) at the direction of the White House. Over the past year, CISA collaborated with public and private sector partners to identify challenges placing the nation at unacceptable risk.
CISA developed the CPGs in close partnership with the National Institute for Standards and Technology (NIST) to be implemented in accordance with the NIST Cybersecurity Framework.
“To reduce risk to the infrastructure and supply chains that Americans rely on every day, we must have a set of baseline cybersecurity goals that are consistent across all critical infrastructure sectors,” CISA Director Jen Easterly said. “CISA has created such a set of cybersecurity performance goals to address medium-to-high impact cybersecurity risks to our critical infrastructure. We look forward to seeing these goals implemented over the coming years and to receiving additional feedback on how we can improve future versions to most effectively reduce cybersecurity risk to our country.”
DHS maintains every organization should use the NIST Cybersecurity Framework to develop a rigorous, comprehensive cybersecurity program.