Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity & Infrastructure Security Agency
America's Cyber Defense Agency

Search

 
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help Locally
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
    Work @ CISA
  • About
    Culture
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Contact Us
    Site Links
    Reporting Employee and Contractor Misconduct
    CISA GitHub
Report a Cyber Issue
America's Cyber Defense Agency
Breadcrumb
  1. Home
Share:

Secure Tomorrow Series Toolkit

Overview

The Secure Tomorrow Series Toolkit is a diverse array of interactive and thought-provoking products uniquely designed to assist stakeholders across the critical infrastructure community to self-facilitate and conduct strategic foresight activities that will enable them to derive actionable insights about the future, identify emerging risks, and develop risk management strategies that, if taken today, could enhance long-term critical infrastructure security and resilience to implement now.

Central to the Secure Tomorrow Series effort is the selection of topics that are likely to have highly disruptive impact across multiple National Critical Functions. To this end, the National Risk Management Center worked with subject matter experts from academia, think tanks, the private sector, and the National Labs to help build and refine the knowledge base that underlies the Toolkit activities. This iteration of the Toolkit focuses on three topic areas: (1) anonymity and privacy, (2) trust and social cohesion, and (3) data storage and transmission.

These free voluntary resources are available to stakeholders in every critical infrastructure sector. More specifically, the Toolkit will assist users in identifying and examining risk mitigation strategies, managing uncertainty and encouraging strategic foresight methods in their long-term planning.

Toolkit Activities

The Toolkit provide a powerful means of increasing risk awareness, identifying risk mitigation solutions, and encouraging systems-level thinking and long-term planning. Specifically, it contains game templates; facilitator, player, and controller guides; read-ahead materials, and other materials needed for users to self-facilitate four different activities:

  • Scenarios workshop: Participants explore four different future scenarios (Life Under a Microscope, A Fragmented World, Deep Disinformation, and A New Wave of Cooperation), and identify a set of strategies that would most effectively mitigate risk across all the scenarios.

  • Threat timelines activity: Players generate fictional news headlines that describe future security threats to a particular technology or system. Through these headlines, players think about plausible futures, reflect on potential threats to critical infrastructure security and resilience; and identify corresponding mitigating actions that can be put into motion today.

  • Matrix games: Players tackle incidents and trends that could negatively affect the U.S. in the future and debate strategies to mitigate accompanying risks to critical infrastructure security and resilience.

  • Cross-impacts sessions: Participants brainstorm ideas on how key risk drivers to the three topics might affect different NCFs.

By downloading the Toolkit, users will learn how to conduct foresight activities that will enable them to derive actionable insights about the future, identify emerging risks, and proactively develop corresponding risk management strategies they can implement now.

Getting Started with the Toolkit

The Toolkit includes guides to facilitate each activity. The number of participants and time requirements vary for the four activities. A matrix game takes 3 hours to play with 3–5 participants, whereas a scenarios workshop is a full-day activity involving between 30–40 participants.

As a starting point, please review the Scenarios Workshop Synopses about future risks, and then consider the Threat Timelines as a warm-up activity, and then move on to explore the Matrix Games and Cross Impacts depending on time and participant needs and interest.

Scenarios Workshop

Participants will explore four different future scenarios to help participants explore ways in which the operating environment for owners and operators may evolve and how this evolution may affect the security and resilience of critical infrastructure systems. Participants will learn how identify a prioritized set of risk mitigation strategies that will increase critical infrastructure resilience and security, regardless of future uncertainties.

Minimum Number of Participants Required: 30-40 participants

Time Estimate: 8 hours

Scenarios Workshop Synopses

PUBLICATION
This workshop explores ways in which the operating environment for critical infrastructure (CI) owners and operators may evolve in the future.
Download File (PDF, 165.76 KB)

Scenarios Workshop Facilitator(s) Guide

This document provides a guide for facilitators of the Scenarios workshop.
Download File (PDF, 4.34 MB)

Scenarios Workshop: Introduction and Roadmap Slides and Notes

PUBLICATION
Provides an overview and agenda for Scenarios workshops. 
View Files

Secure tomorrow Series Scenario Naratives

PUBLICATION
CISA has provided these scenarios to initiate and facilitate discussion.
View Files

Secure Tomorrow Series: Are We There Yet?

PUBLICATION
A part of the Secure Tomorrow Series to prepare for the future. 
View Files

Threat Timelines

Players will generate fictional news headlines that describe future security threats to a particular technology or system to think about plausible futures, reflect on emerging and evolving threats to critical infrastructure security and resilience, and identify corresponding mitigating actions that could be put into motion today.

Minimum Number of Participants Required: 4-6 participants

Time Estimate: 1-1.5 hours

Threat Timelines Resources

PUBLICATION
Threats to cybersecurity and critical infrastructure security and resilience.
View Files

Matrix Games

Players will tackle incidents and trends that could negatively affect the United states in the future, and debate strategies to mitigate accompanying risks to critical infrastructure security and resilience. Participants will engage and challenge each other to think strategically about critical infrastructure resilience and preparedness from multiple perspectives.

Minimum Number of Participants Required: 3-5 participants

Time Estimate: 2.5 hours

Matrix Games Data Privacy, Storage, and Transmission

PUBLICATION
Participants will consider trends that could impact the future of critical infrastructure security.
View Files

Matrix Game: Trust and Social Cohesion

PUBLICATION
Consider initiatives and strategies that will mitigate future risks to critical infrastructure potentially due to the erosion of trust and social cohesion.
View Files

Cross-Impacts

Participants focus on how emerging and evolving risks and key drivers of change might affect different National Critical Functions in distinct ways. Participants will come away with a better understanding of the ramifications of these drivers of change for different critical functions.

Minimum Number of Participants Required: 8-12 participants

Time Estimate: 4 hours

Cross-Impacts Resources

PUBLICATION
Focus on how emerging and evolving risks and key drivers of change might affect different National Critical Functions in distinct ways.
View Files

Toolkit Next Steps

CISA’s National Risk Management Center is working on the next iteration of the Toolkit focused on the following topics: (1) synthetic biology; (2) brain computer interface (BCI); (3) quantum technologies (to include computing, communications, and sensors). The next Toolkit will be available in later this year.

Contact Us

If you do need some assistance in setting up a Toolkit activity or have a question/comment, please email SecureTomorrowSeries@cisa.dhs.gov.

Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 888-282-0870 Central@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Accessibility
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • Subscribe
  • The White House
  • USA.gov
  • Website Feedback