I do work at the federal agency level, which is what I think you’re asking. I am clearly the intended audience of CISA’s strategic work, and that work is of very poor quality at the moment (as shown by the document we’re discussing) and does not serve my interests. CISA also declined to take my feedback in an unpaid advisory role, which is the first time in my life that this has happened. I’ve never met another organization that goes to as much lengths to avoid the possibility of hearing from its customers.
Where in the linked document do you see any part of their vision to listen to their targets and solve their problems? Their strategy does not include allowing any reporting of problems and threats, nor gathering any feedback about the security issues on the ground. In fact their document doesn’t even contain basic contact information. It is an opaque document discussing non-threats and ignoring gathering information about threats, understanding and responding to them. It is the worst strategic plan from any organization on any subject and fails to mention any mechanisms toward necessary outcomes.
