CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Trustwave Government Solutions Applauds CISA’s Strategic Plan’s Emphasis on Collaborating with the Private Sector

Cybersecurity and Infrastructure Security Agency’s (CISA) has released their 2023-2025 Strategic Plan, its first comprehensive strategic plan since the agency was created four years ago.

“This is an important step in planning and preparing to combat the evolving cyber threats,” said Bill Rucker, president of Trustwave Government Solutions (TGS). “I appreciate the emphasis on working with the private sector in the plan. I look forward to a strengthened relationship between TGS and CISA.

The 33-page strategic plan is centered on reducing risk and building resilience to cyber and physical attacks to the U.S. critical infrastructure.

“The risks we face are complex, geographically dispersed, and affect a diverse array of our stakeholders, including federal civilian government agencies, private sector companies, state, local, tribal, and territorial (SLTT) governments, and ultimately the American people,” said CISA Director Jen Easterly. “It is our duty to work with our stakeholders to mitigate these risks to preserve our national security, economic stability, and the health and safety of all our citizens.”

CISA’s plan lays out four goals on which CISA will focus its efforts, including strengthening ties with the private sector. The agency considers itself more than just another bureaucracy, the report stated, instead likening itself to a public-private collaborative, which Trustwave wholeheartedly supports.

“At Trustwave Government Solutions, we are dedicated to collaborating with our government partners to help support CISA’s efforts to implement its Strategic Plan,” Rucker said. “We understand the need for a strong public-private partnership to combat cyber threats, and we will continue to foster our client relationships to ensure the paths of communication are always open.”

CISA’s Four-Step Cybersecurity Plan

The 2023-2025 Strategic Plan is based on the Strategic Intent CISA published in August 2019. In that document the agency laid out its strategic vision and operational priorities as set by then CISA Director Chris Krebs. This guidance provided a general approach for how CISA would execute its responsibilities and these processes are fleshed out in the Strategic Plan.

19056_cisas-four-step-cybersecurity-plan

 

Under the Strategic Plan CISA said it will:

  1. Spearhead the national effort to ensure the cyber defense and resilience of cyberspace and to defend against cyber threat actors that target U.S. critical infrastructure and SLTT governments, the private sector, and the American people. CISA must lean forward in our cyber defense mission toward collaborative, proactive risk reduction.
  2. Work to reduce risks to, and strengthen the resilience of, America’s critical infrastructure. Our safety and security depend on the ability of critical infrastructure to prepare for and adapt to changing conditions and to withstand and recover rapidly from disruptions. CISA coordinates a national effort to secure and protect against critical infrastructure risks. This national effort is centered around identifying which systems and assets are truly critical to the nation, understanding how they are vulnerable, and taking action to manage and reduce risks to them. We serve as a key partner to critical infrastructure owners and operators nationwide to help reduce risks and build their security capacity to withstand new threats and disruptions, whether from cyberattacks or natural hazards and physical threats.
  3. Strengthen whole-of-nation operational collaboration and information sharing. At the heart of CISA’s mission is partnership and collaboration. Securing our nation’s cyber and physical infrastructure is a shared responsibility. We are challenging traditional ways of doing business and actively working with our government, industry, academic, and international partners to move toward more forward-leaning, action-oriented collaboration. We are also committed to growing and strengthening our Agency’s regional presence to more effectively deliver the assistance our stakeholders need.
  4. We will unify as One CISA through integrated functions, capabilities, and workforce. We will succeed because of our people. We are building a culture of excellence based on core values and core principles that prize teamwork and collaboration, innovation and inclusion, ownership and empowerment, and transparency and trust. As one team unified behind our shared mission, we will “work smart” to operate in an efficient and cost-effective manner.

Latest Trustwave Blogs

Law Enforcement Must Keep up the Pressure on Cybergangs

The (apparent) takedown of major ransomware players like Blackcat/ALPHV and LockBit and the threat groups’ (apparent) revival is a prime example of the Whack-a-Mole nature of combating ransomware...

Read More

Effective Cybersecurity Incident Response: What to Expect from Your MDR Provider

Companies engage with a managed detection and response (MDR) provider to help ensure they detect cyber threats before they do any damage. The "response" part of the MDR moniker is key to that effort,...

Read More

The Power of Red and Purple Team Drills in Enhancing Offensive Security Programs

Despite investing in costly security solutions, keeping up with patches, and educating employees about suspicious emails, breaches still occur, leaving many organizations to wonder why they are...

Read More