In response to a rise in attacks aimed at crippling businesses, stealing data, or demanding ransom payments, the United States is attempting to make it simpler for companies and organizations to strengthen their cybersecurity.

Cybersecurity Performance Goals were released on Thursday by the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA) as a critical but voluntary resource to assist businesses and organizations in making more informed cybersecurity decisions.

Secretary of Homeland Security Alejandro Mayorkas called the rollout a “watershed moment” for cybersecurity and described the performance goals as a “menu of options” to improve security.

ALSO, READ How Organizations Can Secure Clients’ Data From Hackers.

Secretary of Homeland Security Alejandro Mayorkas addresses reporters on October 13, 2022, in this file photo from a press conference held at the State Department.

He further elaborated, saying that the goals are “accessible, easy to understand, and identified according to the cost that each would entail, the complexity to implement the goal, and the magnitude of the impact that the goal’s implementation would have.”

Russia’s invasion of Ukraine earlier this year is one factor motivating the United States government’s “Shields Up” awareness campaign, which has been running for months warning of a more complex and dangerous threat environment in cyberspace.

US Rolls Out Voluntary Cybersecurity Goals

They have also called attention to cyberattacks by Iran and North Korea, while warning that both nation states and non-state actors have increasingly been scanning and targeting U.S. critical infrastructure, from water and electric companies to airports, which were struck by a series of denial-of-service attacks earlier in October.

Private cybersecurity companies have likewise warned of a growing number of attacks against health care companies and education and research organizations.

While some bigger U.S. companies and organizations have been able to devote time, money and other resources to confront the growing dangers, U.S. officials are concerned that others have not.

ALSO, READ How Hackers Are Exploiting Stolen Cookies To Attack Corporate Organisations – Research

In particular, CISA has worried about small to mid-sized businesses, along with hospitals and school systems, often described by officials as target rich but resource poor because they do not have the money or resources to defend systems and data from hackers.

Officials said the new guidelines, which focus on key areas like account security, training, incident reporting, and response and recovery, and come with checklists, are designed to ease the burden. The officials also said they anticipate the goals will change and evolve along with the threat.

US Rolls Out Voluntary Cybersecurity Goals

US Rolls Out Voluntary Cybersecurity Goals

“We’ve been working with them to implement several of these best practices, as well as ensuring that they have the tools and resources and the capabilities to ensure the security and resilience of election infrastructure,” Easterly told reporters Thursday. “I’ve met with election officials even just over the past few days … and they all expressed confidence in particular in the cybersecurity across all of their systems.”

ALSO, READ British Hacker Charged for Operating “The Real Deal” Dark Web Marketplace

CISA also said Thursday that U.S. states and territories needing more help can take advantage of $1 billion in grants that are being made available over the next four years.

The grants, designed specifically to help protect U.S. critical infrastructure, were first announced last month.