<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:"Franklin Gothic Book";
        panose-1:2 11 5 3 2 1 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
p.xxxxxmsonormal, li.xxxxxmsonormal, div.xxxxxmsonormal
        {mso-style-name:x_x_x_x_xmsonormal;
        margin:0in;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
span.xxxxxcontentpasted0
        {mso-style-name:x_x_x_x_xcontentpasted0;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">FYSA<o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class="xxxxxmsonormal" style="background:white"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white"> </span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">Today, the Cybersecurity and Infrastructure Security Agency (CISA) released a set of
 cross-sector </span></span><span style="font-size:12.0pt;color:black"><a href="https://www.cisa.gov/cpgs"><span style="font-size:11.0pt;font-family:"Franklin Gothic Book",sans-serif;background:white">Cybersecurity Performance Goals (CPGs)</span></a></span><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">,
 which were developed<span class="xxxxxcontentpasted0"> at </span></span><span style="font-size:12.0pt;color:black"><a href="https://www.whitehouse.gov/briefing-room/statements-releases/2021/07/28/national-security-memorandum-on-improving-cybersecurity-for-critical-infrastructure-control-systems/"><span style="font-size:11.0pt;font-family:"Franklin Gothic Book",sans-serif;background:white">the
 direction of the White House</span></a></span><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">, in coordination with the National Institute for Standards and Technology (NIST) and other
 agencies </span></span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white"> </span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">The CPGs provide voluntary guidance to critical infrastructure partners to help them
 prioritize security investments toward areas that will have the greatest impact on their cybersecurity, and they are developed to be implemented in concert with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). Every
 organization should use the NIST Cybersecurity Framework to develop a rigorous, comprehensive cybersecurity program. The CPGs prescribe an abridged subset of actions – a kind of “QuickStart guide” – for the NIST CSF to help organizations prioritize their investments. </span></span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white"> </span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">Along with the CPGs themselves, CISA is releasing an accompanying
<a href="https://www.cisa.gov/sites/default/files/publications/CISA_CPG_CHECKLIST_508c.pdf" title="https://www.cisa.gov/sites/default/files/publications/CISA_CPG_CHECKLIST_508c.pdf">
Checklist </a>that prioritizes each Goal by Cost, Impact, and Complexity.  </span></span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white"> </span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">CISA developed the CPGs based on extensive feedback from partners with the goal of
 creating a final product that reflects input from a wide range of groups including federal agencies, the private sector, and international partners. We achieved this goal via written comments, workshops, listening sessions, and focused discussions with experts
 across a variety of disciplines.  </span></span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white"> </span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">**We would like to invite you to participate in
<b>a stakeholder call today at noon, EDT</b> to hear a briefing from CISA’s Executive Assistant Director for Cybersecurity Eric Goldstein on the CPGs, their purpose, and how to use them.  This call also includes an open Q&A session for all participants.
</span></span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white"> </span><o:p></o:p></p>
<p class="xxxxxmsonormal" align="center" style="text-align:center;background:white">
<span class="xxxxxcontentpasted0"><b><u><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">Conference Call Information</span></u></b></span><o:p></o:p></p>
<p class="xxxxxmsonormal" align="center" style="text-align:center;background:white">
<span class="xxxxxcontentpasted0"><b><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">Date:
</span></b></span><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">Oct. 27, 2022</span></span><o:p></o:p></p>
<p class="xxxxxmsonormal" align="center" style="text-align:center;background:white">
<span class="xxxxxcontentpasted0"><b><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">Time:
</span></b></span><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">12:00pm EDT</span></span><o:p></o:p></p>
<p class="xxxxxmsonormal" align="center" style="text-align:center;background:white">
<span class="xxxxxcontentpasted0"><b><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">Dial in:
</span></b></span><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">Participant Dial In: 1-800-857-6546; Passcode: 3911128</span></span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white"> </span></span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">Following the release of the CPGs, CISA will continue taking input and welcomes feedback
 from partners from across the critical infrastructure community. In fact, CISA has already set up a
</span></span><span style="font-size:12.0pt;color:black"><a href="https://github.com/cisagov/cybersecurity-performance-goals"><span style="font-size:11.0pt;font-family:"Franklin Gothic Book",sans-serif;background:white">Discussions page</span></a></span><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">
 to receive feedback and ideas for new CPGs, plans to regularly update the CPGs, and will work directly with individual critical infrastructure sectors as we build out sector-specific CPGs in the coming months. To learn more about these new CPGs and the process
 behind developing them, visit </span></span><span style="font-size:12.0pt;color:black"><a href="https://www.cisa.gov/cpgs"><span style="font-size:11.0pt;font-family:"Franklin Gothic Book",sans-serif;background:white">Cross-Sector Cybersecurity Performance
 Goals and Objectives | CISA</span></a></span><span class="xxxxxcontentpasted0"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white">. </span></span><o:p></o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white"> </span><span style="font-family:"Franklin Gothic Book",sans-serif;background:white"><o:p></o:p></span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><b><span style="color:#1F497D">Theresa A. Masse<o:p></o:p></span></b></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Cybersecurity State Coordinator/Advisor, Region 10 (Oregon)
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Cybersecurity and Infrastructure Security Agency<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Department of Homeland Security<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Phone: (503) 930-5671
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#1F497D">Email:</span><span style="font-size:10.0pt;color:#777777">
</span><a href="mailto:theresa.masse@cisa.dhs.gov"><span style="font-size:10.0pt;color:#0563C1">theresa.masse@cisa.dhs.gov</span></a><u><span style="font-size:10.0pt;color:#0760C1"><o:p></o:p></span></u></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><img border="0" width="97" height="97" style="width:1.0138in;height:1.0138in" id="Picture_x0020_1" src="cid:image001.png@01D8E9D1.33640820"><span style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="xxxxxmsonormal" style="background:white"><o:p> </o:p></p>
<p class="xxxxxmsonormal" style="background:white"><span style="font-family:"Franklin Gothic Book",sans-serif;color:black;background:white"> </span><o:p></o:p></p>
</div>
</body>
</html>