The Cybersecurity and Infrastructure Security Agency has launched CI Fortify, a new initiative that urges organizations across all critical infrastructure sectors to strengthen resilience against disruptive cyberattacks.
The agency said Tuesday that CI Fortify provides strategic guidance to help critical infrastructure operators prepare to continue delivering essential services even when their systems are under attack.
Learn more about the cyberthreats posed by nation-state adversaries to the U.S. critical infrastructure sector at the Potomac Officers Club’s 2026 Cyber Summit on May 21. Chris Butera, acting executive assistant director of CISA, will deliver a keynote address at the event. Leaders from the FBI, the Department of War and other agencies will also be present to discuss the cyberthreat landscape. Sign up today.
Table of Contents
How Is CI Fortify Designed to Strengthen Cyber Resilience?
According to CISA, the initiative focuses on two emergency planning objectives: isolation and recovery.
Isolation involves disconnecting operational technology systems from third-party providers, telecommunications networks and business systems to minimize cyber impacts and sustain operations during a crisis. Organizations need to identify critical customers and services, determine the operational technology needed to support them, and update continuity plans to maintain operations in isolated environments.
Recovery focuses on rapidly restoring compromised systems while isolated. The agency recommends that operators document systems, back up files and regularly test recovery procedures.
The agency added that the planning measures outlined in CI Fortify can also help organizations improve resilience against natural disasters, communications outages and routine system failures.
“CI Fortify is timely, actionable guidance that helps organizations protect their networks and critical services from cyberthreat actors that aim to degrade or disrupt infrastructure,” Nick Andersen, acting director of CISA, stated. “We strongly encourage organizations to review this guidance, implement the recommended actions and collaborate with CISA to strengthen CI defenses against opportunistic threat actors.”
Why Does US Critical Infrastructure Need Stronger Cybersecurity?
CISA warned that nation-state cyber actors have already pre-positioned themselves within critical infrastructure systems and could target operational technology and telecommunications networks during geopolitical conflicts.
In April, several agencies, including CISA, revealed that Iranian-affiliated cyber actors are actively exploiting vulnerabilities in programmable logic controllers, or PLCs, used across U.S. critical infrastructure sectors, including government services, water and wastewater systems, and energy facilities.
In the same month, the National Security Agency, the FBI and international partners issued a joint advisory stating that Russian military intelligence actors have been exploiting vulnerable routers to steal sensitive information from government, military and critical infrastructure targets.
Related Articles
The U.S. Army has announced that Chief Information Officer Leonel Garciga, a two-time Wash100 awardee, stepped down from his role on Friday. As government and industry officials continue conversations about Army modernization efforts, military and industry leaders will gather on June 18 at the 2026 Army Summit to discuss the service’s evolving technology priorities. The event will feature discussions on AI, reconfigurable air defense and cost-effective fires, cybersecurity, and the future of the tactical edge. Sign up now! In a LinkedIn post published Tuesday, the Office of the Army CIO said officials held a farewell ceremony on Friday, May 1,
The National Institute of Standards and Technology’s Center for AI Standards and Innovation, or CAISI, has signed agreements with Google DeepMind, Microsoft and xAI to support frontier artificial intelligence testing and research tied to national security efforts. As government and industry leaders expand efforts to evaluate frontier AI systems for national security applications, discussions around AI’s growing role in cybersecurity continue to gain momentum. The 2026 Cyber Summit on May 21 will feature a panel discussion about the role of AI in cyber defense. Reserve your spot now! NIST said Tuesday the agreements build on previously announced partnerships that were
The Advanced Research Projects Agency for Health has launched a new program aimed at accelerating biomedical discovery through an artificial intelligence-enabled research ecosystem designed to improve reproducibility, collaboration and disease modeling. ARPA-H said Tuesday the Intelligent Generator of Research, or IGoR, program will support the development of AI-powered systems intended to generate, validate and refine biomedical research more efficiently, particularly for complex and chronic diseases. The Potomac Officers Club will convene senior healthcare leaders at its 2026 Healthcare Summit on Dec. 3. Register now to hear top officials discuss FY 2027 contracting priorities, modernization efforts and investments in digital health