The Cybersecurity and Infrastructure Security Agency (CISA) released its Strategic Intent document on August 22, using election security as a model for how the agency plans to address security threats, and also establishing election security as one of the agency’s operational priorities.
The Strategic Intent document, which serves as the “keystone for our new agency” according to comments from CISA Director Christopher Krebs, sets election security as one of five operational priorities, alongside supply chain threats from China, soft targets for physical security, Federal cybersecurity, and industrial control systems.
“One of the highest-profile threats we face today is attempts by nation-state actors to maliciously interfere in our democratic elections,” the document states.
CISA also holds up its work in securing the 2018 midterm elections as a “model for collaborative risk management,” noting that the agency undertook multiple efforts to secure the elections. Over 500 CISA employees worked on election security, with the agency hosting tabletop planning events, publishing guidance on cybersecurity, and collaborating with security operation centers.
“These efforts exemplify CISA’s model for addressing national-level risks: agile in how we pivot toward emerging threats; collaborative in identifying strategies and solutions; and results-oriented in how we respond and follow through,” CISA said.
Strategic Intent also emphasizes the need for the relatively new agency to establish strong mission support functions, setting forth the aim to become a “21st Century Agency” as one of three goals in the document.
“Across all of our mission support elements – workforce development, CISA transformation, capability delivery, and other business support – CISA must identify and apply lessons learned from across the Federal government and private industry,” the agency states.