Search AFCEA Site

Enable breadcrumbs token at /includes/pageheader.html.twig

CISA To Reinstate 329 Positions

The move will assist the agency as it rolls out a new critical infrastructure security program.
By Kimberly Underwood
U.S. Air Force Master Sgt. Phillip Rubalcava, a superintendent at the 316th Civil Engineer Squadron, oversees front-end loader training during a bivouac exercise held by the wing at Fort Indiantown Gap, Pennsylvania on April 27, 2026. The Cybersecurity and Infrastructure Security Agency is beginning a new program called Critical Infrastructure Fortify, or CI Fortify, which will conduct assessments of military land other critical infrastructure. Credit: Airman 1st Class Patrick Nigugana
U.S. Air Force Master Sgt. Phillip Rubalcava, a superintendent at the 316th Civil Engineer Squadron, oversees front-end loader training during a bivouac exercise held by the wing at Fort Indiantown Gap, Pennsylvania on April 27, 2026. The Cybersecurity and Infrastructure Security Agency is beginning a new program called Critical Infrastructure Fortify, or CI Fortify, which will conduct assessments of military land other critical infrastructure. Credit: Airman 1st Class Patrick Nigugana

 

 

After drastic cuts to the Cybersecurity and Infrastructure Security Agency (CISA) by President Donald Trump’s Department of Government Efficiency efforts last year, the agency is adding back 329 personnel.

The questionable cuts came at a time of increasingly sophisticated adversarial cyber attacks fueled by artificial intelligence, essentially weakening the United States’ key agency for improving resilience and security in digital and critical infrastructure.

The reinstatement of positions will help the agency as it pursues one of its first programs under this administration called the Critical Infrastructure Fortify program, or CI Fortify.

Nick Andersen, acting director of CISA, briefed the media about the CI Fortify program during a call on Tuesday. Andersen is the second acting director in more than a year, as the agency still waits for a permanent director.

CI Fortify will provide guidance to public utilities, telecommunications, operational technology (OT) systems and other critical infrastructure, helping them prepare for and continue to operate during an attack or crisis, Andersen said.

CISA characterizes the risks to critical infrastructure and OT as a result of “geopolitical crises.” According to the agency, nation-states conducting intrusion attempts aim to win a wider geopolitical conflict.

“This initiative known as CI Fortify focuses on ensuring continued delivery of essential services during periods of cyber duress, as well as minimizing impact and accelerating recovering from a significant cyber attack,” Andersen stated during the call.

The policy directs the stakeholders to invest in so-called isolation and recovery capabilities.  

“Earlier today we announced a nationwide edition to critical infrastructure organizations in fortifying their systems and increasing their resilience to cyber attacks by investing in and developing isolation and recovery capabilities,” he noted.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

For isolation, organizations need to employ solutions that can “proactively disconnect” from other dependencies and enable operations without telecommunications or internet connectivity.

Organizations need to be able to quickly restore vital compromised systems while in isolation mode as part of the indicated recovery capabilities. That recovery phase also includes “documenting systems, backing up critical files and practicing the replacement of systems or the transition to manual in case isolation fails,” the policy stated.

They must also identify their most critical customers, such as the military or life sustaining services (like hospitals), and set service delivery targets based on their operations. Organizations are advised to map out business continuity plans and any engineering processes that enable partial operations during isolation.

“The key message to critical infrastructure entities is to start now if they have not already,” Andersen advised.

As part of CI Fortify, CISA will conduct an initial series of “targeted assessments” under a pilot program that prioritizes military-related critical infrastructure.

These assessments will identify any barriers to a facility or infrastructure isolating or recovering during a cyber attack or crisis. The agency will also examine isolation capability development and exercises.

“We do not have a set number of assessments that we are doing,” Andersen explained. “I can tell you that we have already started to kick off the first couple of assessments.”

Andersen clarified that CISA still does have its regional and field offices across 10 areas aligned with Federal Emergency Management Agency regions that contain regional and deputy directors, cybersecurity and proactive security advisers, and emergency communications coordinators. Some of the 329 personnel additions will repopulate some of those locations. He also expects the regional and field offices to support the new program.

“Each one will have a role to play here in helping to assess the security of these critical infrastructure owner operators as part of CI Fortify,” Andersen stated.

Notably, CI Fortify does not include any specific measures for election security, even for the upcoming midterms. However, Andersen indicated that CISA does consider election security a critical infrastructure.

CISA, under previous administrations, had made election security a priority, working proactively with state and local authorities, given the cyber threats and information warfare targeting U.S. elections from Russia, North Korea and Iran.

State and local governments can access election security resources, Andersen said.

In addition, CISA partners and counterparts in Australia, Canada and the United Kingdom have similar critical infrastructure programs.

The program is “an allied initiative,” CISA indicated, with Australia, Canada and the United Kingdom. Andersen did not go into detail about the allied nature of CI Fortify.

According to Australia’s CI Fortify program website, the program provides high-level security recommendations to OT critical infrastructure operators and advises up-to-date inventories of OT assets and enabling systems, identification of temporary isolation paths, planned actions, proven ability to rebuild impacted critical infrastructure and ways to minimize costs of any disruption.

“CI owners and operators must fortify their systems to allow vital services in the United States to sustain essential operations during a geopolitical conflict,” the U.S. policy stated.

For more information, visit CISA.gov.fortify.

Comments

The content of this field is kept private and will not be shown publicly.
About text formats

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
Enjoying The Cyber Edge?
The Cyber Edge is part of SIGNAL Magazine. Subscribe or join AFCEA to receive SIGNAL and its award winning news.
SUBSCRIBE NOW
LEARN MORE
JOIN AFCEA

Related Cyber Content