The new CI-Fortify initiative urges critical infrastructure operators to prepare for cyberattacks by ensuring they can disconnect from networks and still deliver essential services — something experts say will hinge on investment and discipline.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

CISA has launched CI Fortify, a national initiative urging critical infrastructure operators to prepare for operating in isolation from the internet and third-party dependencies during cyberattacks. The program emphasizes controlled disconnection, local operation, and rapid recovery rather than traditional air-gapping. Experts note the initiative repackages familiar business continuity and disaster recovery concepts, but highlight two major barriers: most operators lack comprehensive visibility into their OT dependencies, and building redundant resilient systems is costly. The initiative's success will depend on operators mapping dependencies, justifying investment, and redesigning remote access for crisis conditions.

CISA pushes critical infrastructure operators to prepare to work in isolation