- CISA and the Army are expanding efforts to safeguard defense infrastructure from increasingly sophisticated cyber threats
- The initiative is shifting focus from protecting organizations broadly to securing specific mission-critical capabilities
- Federal agencies are working to establish resilience benchmarks that help infrastructure operators recover faster from cyber incidents
The Cybersecurity and Infrastructure Security Agency is expanding its partnership with the U.S. Army to strengthen the resilience of defense critical infrastructure against cyber threats, Federal News Network reported Thursday.
Efforts to strengthen the cybersecurity of critical infrastructure underscore a growing homeland security priority. Learn how DHS leaders are addressing cyber threats and other key challenges at the Potomac Officers Club’s 2026 Homeland Security Summit on Nov. 12. Register now.
Table of Contents
What Is the Goal of the CISA-Army Partnership?
The collaboration, which operates through an intergovernmental body called the Homeland Defense Working Group, also involves local communities hosting military installations. Earlier in May, CISA, the Army and the Federal Communications Commission met with local leaders at Fort Bragg in North Carolina to determine methods for securing installations against complex cyber threats. The initiative targets defense critical infrastructure providers, moving away from legacy entity-level designations to focus on protecting specific, vital defense capabilities.
How Will the Initiative Measure Cyber Resilience?
The interagency team aims to establish firm resilience metrics and targets for defense critical infrastructure to help owners and operators ease system recovery after malicious incidents. According to Nick Andersen, acting director of CISA, this scalable approach creates a unified effort that provides a comprehensive understanding of the threat and risk landscape, allowing the government to coordinate resources effectively.
Why Is the Government Shifting Its Infrastructure Strategy?
The move comes as agencies face a growing wave of artificial intelligence-enabled cyber threats. Speaking at the Cyber Innovation Summit in May, Andersen warned that artificial intelligence is accelerating the discovery, weaponization and exploitation of software vulnerabilities, compounding challenges posed by technical debt and persistent security gaps. He also cautioned that AI-powered tools could increase vulnerability discovery in the open-source software ecosystem.
Under the Defense Critical Infrastructure Program, the partnership aims to strengthen proactive defenses and establish resilience goals to protect mission-critical functions from increasingly sophisticated attacks. Andersen said the government is shifting from broad entity-level designations to a function-based approach that identifies critical capabilities and sets measurable resilience targets to ensure continuity and recovery during cyber incidents.
The initiative also aligns with CISA’s recently launched CI Fortify program, which promotes resilience planning across critical infrastructure sectors by helping organizations maintain essential operations and recover quickly from cyber incidents.
