The **Cybersecurity and Infrastructure Security Agency (CISA)** this week unveiled **CI Fortify**, a new initiative designed to prepare critical infrastructure organizations for technology and telecommunications outages stemming from cyberattacks. The agency published a guide urging organizations to proactively disconnect from third-party dependencies and operate without reliable telecommunications and internet access during a crisis. ### CI Fortify: Isolation and Recovery The core of CI Fortify involves enabling critical infrastructure entities to quickly restore compromised systems while isolated. According to **CISA** Acting Director **Nick Andersen**, the initiative provides "timely, actionable guidance" to protect networks and critical services from cyber threat actors aiming to disrupt infrastructure. **CISA** will conduct targeted assessments of critical infrastructure organizations, tailored to each entity and industry, to ensure they have detailed emergency plans and that their operational technology (OT) systems are segmented and isolated from other network components. ### Addressing Nation-State Threats: Volt Typhoon and Beyond The initiative is positioned as a response to recent nation-state hacking campaigns, notably the **Volt Typhoon** cyberattacks. These attacks involved Chinese threat actors pre-positioning within U.S. critical infrastructure to potentially enable destructive cyber actions during a kinetic military conflict. The **CISA** advisory AA24-038A, addressing the **Volt Typhoon** campaign, is prominently linked on the CI Fortify website. <! -- Twitter embed --> While U.S. officials initially aimed to eradicate all Chinese hackers embedded in critical infrastructure, some experts argue that **Volt Typhoon** remains deeply entrenched. **Andersen** clarified that CI Fortify is not solely focused on **Volt Typhoon** but aims to prevent destructive impacts from any nation-state actor. The initiative also addresses tactics observed during alleged Russian cyberattacks on OT networks in Poland earlier this year. ### The Evolving Threat Landscape: AI and Resilience Cybersecurity expert **Matthew Hartma** emphasized that complete eviction of advanced nation-state actors is no longer a realistic near-term goal. He advocated for prioritizing segmentation and resilience, assuming compromise and limiting the blast radius of attacks. This layered defensive posture is deemed necessary, especially with the rapid advancements in AI accelerating both offensive capabilities and the scale of cyber threats. <! -- Youtube embed --> **Andersen** highlighted artificial intelligence as a primary concern driving the development of CI Fortify. He noted the increasing speed and velocity at which AI is transforming the cyber landscape, impacting both critical infrastructure and traditional IT environments. Recent reports indicate that hackers are already leveraging AI models to conduct significant portions of cyber intrusions. For instance, incident response firm **Dragos** reported an AI-assisted compromise of a municipal water and drainage utility in Monterrey, Mexico.