Cybersecurity and Infrastructure Security Agency - Annual International Strategic Plan

Key Chapter Title List

1. Executive Summary
2. Our Mission
3. Our Goals and Specific Tasks
4. Goal 1: Enhance the Resilience of Foreign Infrastructure on which the United States Relies
5. Goal 2: Strengthen Integrated Cyber Defense
6. Goal 3: Unify Coordination of Agency International Activities
7. Conclusion
8. Appendix 1: Glossary
9. Appendix 2: Alignment with the CISA Strategic Plan

Document Introduction

In today's deeply interconnected and interdependent world, the security of cyber and physical infrastructure has become a global issue, urgently requiring collaborative efforts from public and private sector partners across nations. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), as a globally recognized leader in this field, has a core mission to develop and implement forward-looking strategies to mitigate various risks to critical infrastructure and enhance the resilience of infrastructure relied upon by the United States and its partners.

Given the reality of borderless threats and the groundwork laid by the 2023-2025 CISA Strategic Plan (CISA's first comprehensive strategic plan since its establishment in 2018), CISA has specifically formulated this 2025-2026 International Strategic Plan as a supplementary guiding framework for its international operations and achievement of outcomes. This plan explicitly acknowledges the complexity and geographic dispersion of current global security risks, emphasizing that isolated actions cannot achieve security objectives. Therefore, it is essential to expand the understanding of internationally shared systemic risks and, through timely and precise sharing of threat information and risk mitigation recommendations with international partners, jointly build a safer cyber-physical integrated environment.

The plan establishes a system of three core goals, forming a logically rigorous action framework. First, enhance the resilience of foreign infrastructure on which the United States relies, focusing on cross-sector interconnected areas such as pipelines, telecommunications, and critical supply chains, to accurately identify priority infrastructure and strengthen its security protection and disturbance resistance capabilities. Second, strengthen integrated cyber defense by building a network of trusted partners, promoting the implementation of global cybersecurity standards, and enhancing the offensive/defensive and recovery capabilities of key partners to systematically address cross-border cyber threats. Third, unify the coordination of agency international activities by improving governance structures, integrating internal functions and resources, and strengthening professional personnel training to achieve an integrated CISA international action model and enhance collaborative efficiency.

Each core goal is accompanied by specific tasks, enabling measures, and performance evaluation indicators, such as accurately identifying critical foreign infrastructure dependencies, deepening multilateral Computer Security Incident Response Team (CSIRT) cooperation, and promoting the widespread adoption of security-by-design principles. The plan strictly follows top-level policy guidance such as the U.S. National Security Strategy and the National Cybersecurity Strategy, and is highly aligned with the U.S. International Cyberspace & Digital Policy Strategy. Through cross-departmental coordination mechanisms involving the Department of Homeland Security, the Department of State, and public-private partnerships, it steadily advances the achievement of homeland security and national security objectives.

This strategic plan is not a static document but a dynamic, iterative implementation process. CISA will review execution progress quarterly, flexibly adjusting strategies in response to uncertainties in the international security environment to ensure the integration of quality human resources, processes, technologies, and partner resources at the appropriate time and in the appropriate contexts. Just as various threats and adversaries continuously adapt and shape the cyber and physical security environment, CISA will also continuously evolve through this plan, ultimately realizing its core vision of providing the American people with a secure and resilient infrastructure.