CISA Launches CI Fortify to Strengthen National Infrastructure Security

The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new initiative called “CI Fortify” to help critical infrastructure operators prepare for cyberattacks tied to geopolitical conflict.

The guidance assumes attackers may already have access to operational technology systems before a crisis begins. It also warns that internet access, telecommunications networks, vendors, and outside service providers may become unreliable during a major disruption.

Critical infrastructure organizations are being encouraged to prepare for situations where essential services must continue even after systems are compromised or disconnected. Water utilities, transportation systems, telecommunications providers, energy operators, and defense-connected facilities may need to operate for extended periods without stable communications or outside technical support.

Why It Matters: CI Fortify pushes cybersecurity planning closer to operational continuity and infrastructure resilience. The initiative centers on maintaining essential services during cyber disruption while preparing organizations to operate through extended outages affecting communications, vendors, and operational technology systems.

• CISA Warns Cyberattacks Could Disrupt Essential Services: CISA says future cyberattacks may target the systems that keep critical infrastructure running, including telecommunications, utilities, transportation, and defense operations. One major concern is the possibility of attacks that interrupt internet and phone service, making it harder for organizations to communicate or manage operations during a crisis. The agency advises infrastructure operators to prepare for situations where outside connectivity may suddenly become unavailable.

• Organizations Are Being Told to Prepare for Isolation: A major part of CI Fortify focuses on operating without outside support. CISA wants organizations to prepare for scenarios where internet access, vendor support, remote management tools, or business network connections are no longer available. The guidance recommends identifying which customers and services are most important, then determining which systems are required to keep those operations running. Organizations are also encouraged to update continuity plans so they can continue operating safely for extended periods in disconnected environments.

• Recovery Planning Includes Manual Operations: The initiative emphasizes recovery planning before a disruption occurs. CISA recommends documenting systems and backing up important files while also preparing teams to operate manually if automated systems fail. The agency warns that recovery can also be delayed by overlooked dependencies, including licensing servers or vendor-managed tools, which is why organizations are being encouraged to identify those gaps before an emergency happens.

• Defense Infrastructure is a Priority: CISA has already started pilot assessments focused on infrastructure connected to military operations and national defense. This includes systems tied to radar, dams, satellite communications, and weapons support facilities. The initiative follows ongoing warnings from defense officials that cyberattacks on infrastructure are likely to play a major role during future geopolitical conflicts.

• Resilience is Becoming Part of Operational Planning: CI Fortify encourages more coordination between infrastructure operators, emergency planners, military facilities, and industrial vendors as organizations prepare for cyber disruption. CISA also notes that the same planning can improve response efforts during natural disasters, communications outages, or equipment failures. The agency plans to continue publishing guidance and running assessments focused on isolation and recovery readiness.

Go Deeper -> CI Fortify: Strengthening Resilience Across Critical Infrastructure – CISA

CISA tells critical organizations to prepare for cyber outages – Federal News Network