CISA has urged critical infrastructure operators to plan for remaining operational or recovering quickly if hit by a cyber-attack, launching the CI Fortify initiative on 6 May 2026 as a planning framework for sectors such as water, energy, transportation and communications. The guidance envisions a worst‑case scenario where telecommunications, internet, vendors and upstream service providers cannot be trusted, and threat actors may already have a foothold in the OT network.
The plan sets two core objectives: Isolation, which involves proactively cutting OT systems off from third‑party and business networks to keep essential services running in a degraded environment, and Recovery, which focuses on documenting systems, backing up critical files and rehearsing replacement of components or a transition to manual operations if isolation fails.
CISA also encouraged operators to share the guidance with managed service providers, system integrators and vendors to map communications dependencies and workarounds. CISA Acting Director Nick Andersen said the guidance is timely and actionable for protecting networks and critical services from threat actors aiming to degrade or disrupt infrastructure.