ReadySetCyber

CISA seeks to collect information from US critical infrastructure organizations on a strictly voluntary basis in order to provide tailored services so that each organization can be best supported in meeting the CISA Cybersecurity Performance Goals. The CISA Cybersecurity Performance Goals are a set of 38 voluntary controls which aim to reduce the risk of cybersecurity threats to critical infrastructure. These controls include minimum password strength, networked asset inventory, supply chain incident reporting, network segmentation, and much more. CISA offers a number of services and resources to aid critical infrastructure organizations in adopting the Cybersecurity Performance Goals and seeks to make discovery of the appropriate services and resources as easy as possible, especially for organizations that may have cybersecurity programs at lower levels of capability. To measure adoption of the Cybersecurity Performance Goals and assist organizations in finding the best possible services and resources for their cybersecurity programs, CISA is seeking to establish a voluntary information collection that uses respondents’ answers to tailor a package of services and resources most applicable for their level of program maturity. This is a new information collection request that is used to 1) tailor the provision of services and resources to critical infrastructure organizations based on the maturity of their cybersecurity pro-grams, and 2) measure the adoption of the CISA Cybersecurity Performance Goals throughout critical infrastructure.

The latest form for ReadySetCyber expires 2027-03-31 and can be found here.