The Cybersecurity and Infrastructure Security Agency has launched CI Fortify, a new initiative that urges organizations across all critical infrastructure sectors to strengthen resilience against disruptive cyberattacks.
The agency said Tuesday that CI Fortify provides strategic guidance to help critical infrastructure operators prepare to continue delivering essential services even when their systems are under attack.
Learn more about the cyberthreats posed by nation-state adversaries to the U.S. critical infrastructure sector at the Potomac Officers Club’s 2026 Cyber Summit on May 21. Chris Butera, acting executive assistant director of CISA, will deliver a keynote address at the event. Leaders from the FBI, the Department of War and other agencies will also be present to discuss the cyberthreat landscape. Sign up today.
How Is CI Fortify Designed to Strengthen Cyber Resilience?
According to CISA, the initiative focuses on two emergency planning objectives: isolation and recovery.
Isolation involves disconnecting operational technology systems from third-party providers, telecommunications networks and business systems to minimize cyber impacts and sustain operations during a crisis. Organizations need to identify critical customers and services, determine the operational technology needed to support them, and update continuity plans to maintain operations in isolated environments.
Recovery focuses on rapidly restoring compromised systems while isolated. The agency recommends that operators document systems, back up files and regularly test recovery procedures.
The agency added that the planning measures outlined in CI Fortify can also help organizations improve resilience against natural disasters, communications outages and routine system failures.
“CI Fortify is timely, actionable guidance that helps organizations protect their networks and critical services from cyberthreat actors that aim to degrade or disrupt infrastructure,” Nick Andersen, acting director of CISA, stated. “We strongly encourage organizations to review this guidance, implement the recommended actions and collaborate with CISA to strengthen CI defenses against opportunistic threat actors.”
Why Does US Critical Infrastructure Need Stronger Cybersecurity?
CISA warned that nation-state cyber actors have already pre-positioned themselves within critical infrastructure systems and could target operational technology and telecommunications networks during geopolitical conflicts.
In April, several agencies, including CISA, revealed that Iranian-affiliated cyber actors are actively exploiting vulnerabilities in programmable logic controllers, or PLCs, used across U.S. critical infrastructure sectors, including government services, water and wastewater systems, and energy facilities.
In the same month, the National Security Agency, the FBI and international partners issued a joint advisory stating that Russian military intelligence actors have been exploiting vulnerable routers to steal sensitive information from government, military and critical infrastructure targets.
