The U.S. Department of Homeland Security recently published the Cybersecurity Performance Goals, which are voluntary guidelines that provide the highest-priority baseline security precautions owners of critical infrastructure can adopt.
The White House directed DHS to create the CPGs through the Cybersecurity and Infrastructure Security Agency, according to an Oct. 27 news release.
“Organizations across the country increasingly understand that cybersecurity risk is not only a fundamental business challenge but also presents a threat to our national security and economic prosperity,” Secretary of Homeland Security Alejandro N. Mayorkas said in the release. "The new Cybersecurity Performance Goals will help organizations decide how to leverage their cybersecurity investments with confidence that the measures they take will make a material impact on protecting their business and safeguarding our country.”
“To reduce risk to the infrastructure and supply chains that Americans rely on every day, we must have a set of baseline cybersecurity goals that are consistent across all critical infrastructure sectors," CISA Director Jen Easterly said in the release. "CISA has created such a set of cybersecurity performance goals to address medium-to-high impact cybersecurity risks to our critical infrastructure."
The goals were developed in close partnership with organizations across government and the private sector, the news release said.
"The resulting CPGs are intended to be implemented in concert with the NIST Cybersecurity Framework," the release reported. "The CPGs prescribe an abridged subset of actions to help organizations prioritize their security investments."
