Time to get to work. Milestones for 2023 have been set.
One concern I do have about this plan is the apparent lack of urgency by CISA for reporting software vulnerabilities to consumers, see initiative 3.3.3. The Coordinated Vulnerability Disclosure deliverable is set for Q4 FY 2025. This is an urgent matter that deserves an urgent response, much sooner than Q4 FY 25.
Consumer Transparency into risks for IoT devices begins in 2023:
There is an excellent overview article available online at Industrial Cyber