Executive Summary

On November 19, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) launched a new initiative to help protect U.S. critical infrastructure from threats posed by Unmanned Aircraft Systems (UAS), commonly known as drones. As part of its "Be Air Aware™" campaign, CISA released three new guides offering practical advice for infrastructure owners and operators. The guidance addresses the full lifecycle of a drone-related incident, from detection to response. With the use of drones expected to increase, this initiative aims to raise awareness and provide organizations with the tools to incorporate countermeasures against aerial threats into their overall security posture.

Policy Details

The new resources provide non-binding guidance and best practices for organizations to defend against malicious UAS activity. The campaign acknowledges that drones can be used for a range of nefarious purposes, including surveillance, smuggling contraband, disrupting operations, or even carrying out physical attacks.

The three guides are:

1. "Unmanned Aircraft System Detection Technology Guidance for Critical Infrastructure": Provides an overview of available technologies for detecting drones, including radio frequency (RF) sensors, radar, acoustic sensors, and optical sensors. It helps organizations understand the capabilities and limitations of each.
2. "Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators": Outlines how to identify suspicious drone activity, what information to report to law enforcement, and how to develop a response plan.
3. "Safe Handling Considerations for Downed Unmanned Aircraft Systems": Offers procedures for safely securing and handling a drone that has landed or crashed on-site, considering potential hazards like explosives or evidence preservation.

Affected Organizations

This guidance is relevant to all owners and operators of U.S. critical infrastructure, including but not limited to:

• Energy (power plants, refineries)
• Transportation (airports, ports)
• Government Facilities
• Communications (data centers, cell towers)
• Water and Wastewater Systems
• Large public venues (stadiums, event spaces)

Compliance Requirements

There are no mandatory compliance requirements associated with this guidance. However, incorporating these recommendations is a crucial step in maturing a physical security program to address modern, three-dimensional threats. Organizations are encouraged to integrate UAS threat scenarios into their existing security risk assessments and emergency response plans.

Impact Assessment

The malicious use of UAS poses a significant and growing threat:

• Intelligence Gathering: Drones can be used to conduct surveillance on facilities, identify security vulnerabilities, and monitor operational patterns.
• Physical Attacks: Drones can be modified to carry and deliver hazardous materials or improvised explosive devices (IEDs).
• Network Intrusion: Drones equipped with Wi-Fi hacking tools can be flown near facilities to attack wireless networks.
• Disruption: Flying drones near airports can disrupt air traffic, while flying them over industrial sites can create safety hazards.

Implementation Guidance

1. Conduct a Risk Assessment: Start by assessing the specific risks drones pose to your facility. Consider your location, the value of your assets, and potential attack scenarios.
2. Develop a Response Plan: Create a clear plan for what to do when a drone is detected. This should include roles and responsibilities, communication protocols, and procedures for reporting to law enforcement.
3. Evaluate Detection Technology: Based on your risk assessment, evaluate whether to invest in UAS detection technology. Consider a layered approach combining multiple sensor types for better coverage.
4. Train Personnel: Train security staff and employees on how to identify and report suspicious drone activity and how to respond safely according to the plan.