David Mussington, executive assistant director for infrastructure security at the Cybersecurity and Infrastructure Security Agency, said CISA is developing “physical security performance goals” amid increasing threats to critical infrastructure, Federal News Network reported Friday.
“Right now, they’re in interagency coordination,” Mussington told FNN in an interview.
“At some point in the future, after the interagency has their say, we’ll be doing coordination with stakeholders in different industry domains, to try and make sure that we have customized goals and practices that are refined in the context of specific industry needs,” he added.
According to Mussington, the next critical step for CISA is to transition those high-level security performance goals into specific practices for different sectors and industries.
“There will be a general version, but goals applied to a specific business setting that allow you to put metrics together for your programs to see how you’re doing against best practices and against industry benchmarks,” Mussington said.
“So benchmarking, lessons learned, and revisiting and refreshing familiarity with best practices through training of staff, training of managers, to make sure that they’re cognizant of what the risk situation is,” he noted.
Register here to attend the Potomac Officers Club’s 2024 Cyber Summit. Listen to cyber experts, government and industry leaders on June 6 as they discuss the latest trends and cyber’s dynamic role in the public sector.