Cyber Security
Explore top cybersecurity practices for the Water and Wastewater Systems sector with CISA's latest toolkit and expert-led webinars. Learn how to enhance cyber resilience.
Calling all Circuit Riders!
WaterISAC is hosting a one-day exercise in Washington DC on Dec 5th. NRWA would appreciate you encouraging your association members to attend this cybersecurity training. It’s important for everyone to be prepared.
Event details can be found here: https://www.waterisac.org/event/h2oex-exercise-water-sector
Please feel free to print the flyer and pass along on to your contacts. Please let me know if you have any questions or concerns or you may contact Charlie Stephens at the email charles@nrwa.org.
Incident Response Guide: Water and Wastewater Systems (WWS) Sector
Water Sector Cybersecurity Toolkit
CISA Conducted CISA Live Event – Boosting Water Sector Cybersecurity on LinkedIn Live
On Wednesday, February 7, CISA hosted its third CISA Live! – Boosting Water Sector Cybersecurity, hosted on LinkedIn Live. CISA Deputy Director Nitin Natarajan and Director of Environmental Protection Agency Water Infrastructure and Cyber Resilience Division David Travers discussed the current water sector cyber risk environment, the importance of partnerships, and sector challenges and provided information on how stakeholders can improve their cybersecurity—including by taking advantage of the jointly developed Cybersecurity Toolkit for Water and Wastewater launched earlier this month.
Watch the full recording: CISA Live! – Boosting Water Sector Cybersecurity
CISA, the Environmental Protection Agency (EPA), and the Federal Bureau of Investigation (FBI) released the joint fact sheet Top Cyber Actions for Securing Water Systems. This fact sheet outlines the following practical actions Water and Wastewater Systems (WWS) Sector entities can take to better protect water systems from malicious cyber activity and provides actionable guidance to implement concurrently:
- Reduce Exposure to the Public-Facing Internet
- Conduct Regular Cybersecurity Assessments
- Change Default Passwords Immediately
- Conduct an Inventory of Operational Technology/Information Technology Assets
- Develop and Exercise Cybersecurity Incident Response and Recovery Plans
- Backup OT/IT Systems
- Reduce Exposure to Vulnerabilities
- Conduct Cybersecurity Awareness Training
CISA, EPA, and FBI urge all WWS Sector and critical infrastructure organizations to review the fact sheet and implement the actions to improve resilience to cyber threat activity.
Organizations can visit cisa.gov/water for additional sector tools, information, and resources.