Cybersecurity Dive December 12, 2025
Eric Geller

The agency streamlines and supplements goals it first issued in 2022.

The Cybersecurity and Infrastructure Security Agency has updated a list of goals that it hopes water treatment facilities, hospitals and other critical infrastructure operators will use to protect their systems from hackers.

Version 2.0 of CISA’s Cross-Sector Cybersecurity Performance Goals (CPGs), which the agency released on Thursday, “incorporates three years of operational insights, and address emerging threats through data-driven, actionable guidance,” CISA said in a statement. “These enhancements are designed to promote accountability, improve risk management, and support strategic cybersecurity governance across sectors.

The changes include the addition of a new “Govern” category of goals, meant to reinforce the importance of business leaders’ involvement in overseeing cybersecurity; the consolidation...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Technology
Related Articles:
‘Complexity is where cyber risk tends to grow’
Researchers broke every AI defense they tested. Here are 7 questions to ask vendors.
Your Organization Isn’t Cyber Ready... It Just Thinks It Is
HHS-OIG Report Highlights Key HHS Cybersecurity Challenges
NIST is rethinking its role in analyzing software vulnerabilities

Share Article