Biden administration officials meet with states on cyber threats to water sector

Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technologies and Janet McCabe, EPA Deputy Administrator, recently met with state and local officials from across the United States to discuss cybersecurity in the water sector.

The meeting was a follow up to a March 19 letter sent by National Security Advisor Jake Sullivan and U.S. Environmental Protection Agency Administrator Michael S. Regan to all governors highlighting the urgency to improve the water sector cybersecurity and protect water resources from potential cyberattacks by foreign governments and associated criminal entities.   

During the meeting, officials from several states outlined actions that they are currently taking to protect their water systems. There was discussion of current state programs in place and lessons learned from these experiences. Many states relayed challenges associated with cyber vulnerability including barriers such as finding the appropriate technical expertise. EPA and the Cybersecurity and Infrastructure Security Agency (CISA) also shared information about existing state coordination and resources available to assist states in assessing and addressing vulnerabilities. States and federal partners will continue to work together to share best practices and facilitate connections to reduce barriers.

“The nation’s water systems face cyber threats from criminals and countries alike,” said Neuberger. “We must lock our digital doors to meet the threat. The Biden-Harris Administration has issued cybersecurity best practices and made available free tools and services to help companies operating critical infrastructure act quickly.” 

“Cybersecurity is not the sole responsibility of one single water system, one single state, or the federal government. Instead, cybersecurity is a collective responsibility,” added EPA Deputy Administrator McCabe. “EPA has an important role, and it’s critical that we work together with our state partners to help set a course toward cyber-resilience that will deliver essential protections across the country.”

At the meeting, Neuberger requested that each state share a cybersecurity plan by May 20, 2024. The cybersecurity plans should include details for how states are working with both drinking water and wastewater systems to determine where they are vulnerable to cyberattacks and what actions they are taking to build in cybersecurity protections. DNSA Neuberger encouraged states to tap into EPA and CISA’s resources to support their work. For more information visit the Water and Wastewater Cybersecurity website.

Additionally, EPA outlined actions being taken to establish a Water Sector Cybersecurity Task Force to identify near-term actions and strategies to reduce the risk of water systems nationwide to cyberattacks.

For information about EPA’s cybersecurity program, visit EPA’s Cybersecurity for the Water Sector website.

Leave a Reply

Your email address will not be published. Required fields are marked *