CISA : Critical Infrastructure Must Master Isolation, Recovery outlines new guidance to help US critical infrastructure operators withstand cyberattacks by foreign threat actors. The agency launched CI Fortify, an initiative designed to ensure essential services can continue operating even during an active cyberattack.
At the heart of CI Fortify are two capabilities operators should begin developing immediately: isolation, which involves deliberately severing connections to outside networks to prevent an attack from spreading to OT, and recovery, which covers documenting systems, maintaining backups, and rehearsing restoring components or switching to manual operations. According to the official guidance, operators should assume internet access, vendors, and third‑party providers may become unreliable in a conflict scenario.
Nick Andersen, CISA Acting Director, has urged operators to review the guidance and work with the agency to harden defenses. Duncan Greatwood, CEO of Xage Security, said that isolation alone is not enough and emphasised the need for segmentation and operational resilience in degraded states.