Cybersecurity Performance Goals Adoption Report Released by CISA

FOR IMMEDIATE RELEASE

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the Cybersecurity Performance Goals Adoption Report to highlight the benefits of adopting Cybersecurity Performance Goals (CPGs) in protecting critical infrastructure sectors. Originally released in October 2022, CISA’s CPGs are voluntary practices that critical infrastructure owners can take to protect themselves against cyber threats.

Report Overview

The report is based on an analysis of 7,791 critical infrastructure organizations enrolled in CISA’s Vulnerability Scanning service from August 1, 2022, through August 31, 2024. The data reveals that four critical infrastructure sectors are most impacted by CPG adoption: Healthcare and Public Health, Water and Wastewater Systems, Communications, and Government Services and Facilities. These four sectors have strong partnerships with CISA.

CISA’s Cross-Sector Cybersecurity Performance Goals

As CISA strengthens partnerships across all 16 critical infrastructure sectors, the agency hopes that CPG adoption will continue to expand. CISA urges critical infrastructure to learn more about the Cross-Sector Cybersecurity Performance Goals by visiting the CISA website.

Disclaimer and Terms of Use

This product is provided subject to the Notification and Privacy & Use policy.

About CISA

The Cybersecurity and Infrastructure Security Agency (CISA) is a part of the U.S. Department of Homeland Security. CISA’s mission is to protect the nation’s critical infrastructure from cyber threats.