The US Cybersecurity and Infrastructure Security Agency announced on Monday it will expand its managed cybersecurity services to non-federal critical infrastructure organizations in need of risk management. CISA previously offered its direct services to federal clients.
- A CISA announcement outlined three goals for the program: establish greater insight into the US’s evolving threat environment, develop a common baseline of cyber protection, and reduce the negative effects of cyber events. The cybersecurity agency hopes to prove it can provide commercial shared services at scale through this pilot program.
- The first phase will expand CISA support to organizations in the healthcare, water, and K-12 education entities. CISA aims to expand to 100 organizations, free of charge, by the end of the year. The cybersecurity agency is also hosting a series of roundtable discussions with private-sector organizations to assess interest and address future avenues of cyber assistance.
Read More: