CISA releases findings from adopting cross-sector cyber performance goals to critical infrastructure entities

The Cybersecurity and Infrastructure Security Agency has released a report on adoption of its cross-sector cyber performance goals and impacts to critical infrastructure entities who are taking up specific security practices.

“This report assesses the inferred adoption of select CISA CPGs since the report’s initial release on October 27, 2022, and update on March 21, 2023. Analysis focuses on six CPGs and is based on vulnerability exposure across 7,791 critical infrastructure organizations enrolled in CISA’s Vulnerability Scanning service from Aug....