As Cybersecurity Awareness Month continues, the American Water Works Association has released a guide that highlights how water utilities can manage the risk of cyber attacks on water infrastructure systems.
The free online guide, titled Cybersecurity Risk & Responsibility in the Water Sector, notes that “Cyber risk is the top threat facing business and critical infrastructure in the United States, according to the Director of National Intelligence, the Federal Bureau of Investigation and the Department of Homeland Security.”
The guide highlights steps water utilities can take to protect water systems, operations and customer data.
“The reality and prevalence of cyber risk mandates that organizations and their leaders not only take meaningful action to prevent and detect harms, but also have a tested plan for responding swiftly and effectively when cyber incidents do occur,” said Kevin Morley, AWWA federal relations manager. “Failing to address cybersecurity risk in a proactive way can have devastating results.”
Also available as a resource is AWWA’s Cybersecurity Use-Case Tool, which was developed in response to Executive Order 13636 to improve infrastructure cybersecurity.
America’s Water Infrastructure Act of 2018, which was signed into law in October, requires community water systems serving a population of more than 3,300 persons to conduct a risk and resilience assessment of their systems. This includes assessing the security of any electronic, computer or other automated systems that the community water system uses.
Cybersecurity Awareness Month is an annual initiative spearheaded by the U.S. Department of Homeland Security. More cybersecurity resources for water systems can be found on AWWA’s Cybersecurity Guidance webpage.
