Security Operations , Government Regulations , Critical Infrastructure Security , Threat Intelligence , Government security CISA urges critical infrastructure to plan for prolonged service delivery during emergencies May 8, 2026 Share By SC Staff (Adobe Stock) The Cybersecurity and Infrastructure Security Agency (CISA) is advising owners and operators of critical infrastructure to develop plans for delivering essential services under emergency conditions, potentially for extended periods of months, based on information published by Cyberscoop. CISA is warning that state-sponsored hackers, specifically Chinese groups known as Salt Typhoon and Volt Typhoon, pose a continuous threat to vital sectors such as electricity, water, and internet services. The agency is collaborating with the private sector to fortify operational technology (OT) – the systems controlling critical infrastructure machinery – against attacks that infiltrate through business IT systems or third-party vendors. The initiative, CI Fortify, involves CISA conducting technical assessments to help entities create plans for safe operations for weeks to months while isolated from IT networks and external tools. Acting director Nick Andersen emphasized the goal of maintaining service delivery even after disconnection from IT, OT, and third-party connections. This effort comes in the wake of numerous kinetic and cyberattacks targeting critical infrastructure globally. CISA has begun piloting these assessments with organizations supporting national security, public health, and economic continuity, with plans to expand the program. The strategy includes isolation, where external network connections to OT are severed during emergencies, and recovery, which focuses on best practices like backups and manual operational procedures. Cybersecurity specialists widely believe that other nations may also be exploiting similar vulnerabilities in U.S. critical infrastructure, despite ongoing efforts by agencies like the FBI and FCC to address threats from Chinese hacking groups. Source: Cyberscoop SC Staff Related Phishing Herd Security raises $3 million for AI-powered security training SC Staff May 8, 2026 Founded in 2025, Herd Security provides an agentic AI platform designed for continuous security awareness training. Security Operations Boost Security acquires 2 startups, raises $4 million for AI defense platform SC Staff May 8, 2026 Boost Security has acquired SecureIQx, an MIT-founded startup specializing in software composition analysis reachability, and Korbit Technologies, an AI-driven pull request review platform. Security Operations India’s securities regulator warns of AI-driven cyberattack risks SC Staff May 8, 2026 The Indian regulator's advisory specifically addresses the risks posed by AI-driven vulnerability identification tools, such as Claude Mythos. Related Events Cybercast AI for better SecOps: A Black Hat preview Tue Jul 7 Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Business Impact Analysis (BIA) Countermeasure Cron Darknet Data Mining Deepfake Drive-by Download Due Care Due Diligence DumpSec You can skip this ad in 5 seconds