Water Utilities Get 100-Day Cybersecurity Plan
The United States Environmental Protection Agency (EPA) has drawn up a 100-day game plan to help protect the nation’s water systems from cyber-attacks.
The Industrial Control Systems Cybersecurity Initiative – Water and Wastewater Sector Action Plan focuses on high-impact acts that can be performed within 100 days to improve cybersecurity across the water sector.
Strategies detailed in the roadmap promote and support the early detection of cyber-threats and the rapid sharing of data across the government to speed up cyber-threat analysis and action.
The plan advocates the establishment of a cybersecurity task force comprising leaders from the water sector. It also calls for the implementation of pilot projects to demonstrate and accelerate the adoption of incident monitoring.
“Cyber-attacks represent an increasing threat to water systems and thereby the safety and security of our communities,” said EPA administrator Michael S. Regan.
“As cyber-threats become more sophisticated, we need a more coordinated and modernized approach to protecting the water systems that support access to clean and safe water in America.”
The plan was announced on Thursday by the EPA and its federal partners. It was developed by the EPA, the National Security Council (NSC), the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the Water Sector Coordinating Council and Water Government Coordinating Council (WSCC/GCC).
“The action plans for the electric grid and pipelines have already resulted in over 150 electricity utilities serving over 90 million residential customers and multiple critical natural gas pipelines deploying additional cybersecurity technologies,” said deputy national security advisor for cyber and emerging technology, Anne Neuberger.
She added: “This plan will build on this work and is another example of our focus and determination to use every tool at our disposal to modernize the nation’s cyber defenses, in partnership with private sector owners and operators of critical infrastructure.”
The EPA said it intends to “encourage, incentivize and assist” water sector stakeholders to rapidly deploy industrial control systems (ICS) cybersecurity monitoring technologies.
“Public-private sector collaboration like this initiative is central to protecting the American public and their ability to safely access critical services,” said secretary of homeland security Alejandro Mayorkas.
More Stories
Court Rules Against NSO Group
The case is over: A jury has awarded WhatsApp $167 million in punitive damages in a case the company brought...
European Vulnerability Database Launches Amid US CVE Chaos
ENISA has officially launched the European Vulnerability Database as required by the NIS2 directive Read More
M&S Confirms Customer Data Stolen in Cyber-Attack
M&S Chief Executive, Stuart Machin, said that the firm has written to customers to inform them that some personal information...
UK Considers New Enterprise IoT Security Law
The UK government wants to hear feedback on a possible new standard or legislation to improve enterprise IoT security Read...
Hacktivist Attacks on India Overstated Amid APT36 Espionage Threat
Hacktivist claims on Indian infrastructure raised alarms, but investigations showed minimal damage Read More
Criminal Proxy Network Infects Thousands of IoT Devices
The criminal proxy network infected thousands of IoT and end-of-life devices, creating dangerous botnet Read More