CISA launches CI Fortify initiative to enhance critical infrastructure resilience against cyber threats
Updated: 06.05.2026 16:15
· First: 05.05.2026 15:00
· 📰 2 src / 2 articles
CISA’s CI Fortify initiative has expanded with detailed guidance for critical infrastructure (CI) operators to prepare for worst-case scenarios where third-party networks and upstream providers cannot be trusted and threat actors already have access to operational technology (OT) environments. The initiative now includes specific recommendations to identify critical customers, set service delivery targets, update business continuity plans for prolonged isolation, and collaborate with vendors to map dependencies. While welcomed by industry, experts caution that isolation alone is insufficient without layered control measures, and CISA emphasizes that adopting these capabilities enhances resilience against all disruptions, from cyber-attacks to physical events. The CI Fortify initiative was launched to bolster operational resilience across U.S. CI sectors, including water, energy, transportation, and communications. The framework prioritizes actionable steps such as developing isolation and recovery capabilities, testing manual and localized operations, and fostering collaboration with CISA to mitigate cyber threats. Acting Director Nick Andersen reinforced the urgency of implementation, framing CI Fortify as timely guidance to protect networks and critical services from threat actors aiming to degrade or disrupt infrastructure.