CISA to develop strategic plan on how to measure risk, with focus on outcomes

The Cybersecurity and Infrastructure Security Agency is working on a strategic plan that will address how the agency measures risk through looking at measurements of performance and effectiveness, according to Director Jen Easterly.

At an industry event on Thursday, Easterly said she set out to change CISA’s mission in her first year on the job from leading “the national effort to understand and manage risk” to “understand, manage and reduce risk to the critical infrastructure that Americans rely on every...