Cybersecurity and Infrastructure Security Agency - Annual International Strategic Plan

Key Chapter Title List

1. Executive Summary
2. Our Mission
3. Our Goals and Specific Tasks
4. Goal 1: Enhance the Resilience of Foreign Infrastructure on which the United States Relies
5. Goal 2: Strengthen Integrated Cyber Defense
6. Goal 3: Unify Agency International Activity Coordination
7. Conclusion
8. Appendix 1: Glossary
9. Appendix 2: Linkage with the CISA Strategic Plan

Document Introduction

In today's deeply interconnected and interdependent world, the security protection of cyber and physical infrastructure has become a global issue, urgently requiring collaborative efforts from public and private sector partners across nations. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), as a globally recognized leader in this field, has a core mission to develop and implement forward-looking strategies to reduce various risks faced by critical infrastructure and enhance the resilience of infrastructure on which the United States and its partners rely.

Given the real-world challenge of borderless threats and the groundwork laid by the 2023-2025 CISA Strategic Plan (CISA's first comprehensive strategic plan since its establishment in 2018), CISA has specifically formulated this 2025-2026 International Strategic Plan as a supplementary guiding framework for its international operations and achievement of outcomes. This plan explicitly acknowledges the complexity and geographic dispersion of current global security risks, emphasizes that isolated actions cannot achieve security objectives, and therefore must expand the scope of understanding of internationally shared systemic risks. By timely and accurately sharing threat information and risk mitigation recommendations with international partners, we aim to jointly build a safer cyber-physical integrated environment.

The plan constructs a system of three core goals, forming a logically rigorous action framework. First, enhance the resilience of foreign infrastructure on which the United States relies, targeting cross-sector interconnected areas such as pipelines, telecommunications, and critical supply chains, to precisely identify priority infrastructure and strengthen its security protection and disturbance resistance capabilities. Second, strengthen integrated cyber defense by building a network of trusted partners, promoting the implementation of global cybersecurity standards, and enhancing the offensive/defensive and recovery capabilities of key partners to systematically address cross-border cyber threats. Third, unify agency international activity coordination by improving governance structures, integrating internal functions and resources, and strengthening professional talent training to achieve an "integrated CISA" model for international operations and enhance collaborative efficiency.

Each core goal is accompanied by specific tasks, enabling measures, and performance evaluation metrics, such as precisely identifying critical foreign infrastructure dependencies, deepening multilateral Computer Security Incident Response Team (CSIRT) cooperation, and promoting the widespread adoption of the "Security by Design" principle. The plan strictly follows top-level policy guidance such as the U.S. National Security Strategy and National Cybersecurity Strategy, and is highly aligned with the U.S. International Cyberspace and Digital Policy Strategy. Through cross-departmental coordination mechanisms involving the Department of Homeland Security, the Department of State, and public-private partnerships, it steadily advances the achievement of homeland security and national security objectives.

This strategic plan is not a static document but a dynamic, iterative implementation process. CISA will review execution progress quarterly, flexibly adjusting strategies in response to uncertainties in the international security environment to ensure the integration of quality human resources, processes, technologies, and partner resources at the appropriate time and context. Just as various threats and adversaries continuously adapt to and shape the cyber and physical security environment, CISA will also continuously evolve through this plan, ultimately realizing its core vision of "providing the American people with secure and resilient infrastructure."