CISA, Partners Issue Guidance for Protecting Water, Wastewater Systems From Cyberthreats

The Cybersecurity and Infrastructure Security Agency, the Environmental Protection Agency and the  FBI released new guidance to help water and wastewater systems operators and owners fend off cyberthreats.

The guidance highlights four stages of cyberthreat incident response: preparation; detection and analysis; containment, eradication and recovery; and post-incident activities. For each stage, WWS sector organizations are urged to engage with the cybersecurity community, collect information in an accurate and timely manner, implement appropriate response and remediation actions while informing federal agencies and retain pieces of evidence for future reference.

The guidance was developed in partnership with WWS operators, nonprofit organizations and state and local governments, CISA said.

The guidance comes nearly a week after the Department of Homeland Security’s Office of the Inspector General issued a report about CISA’s shortcomings in communicating cybersecurity matters with the WWS sector. According to the OIG, the cybersecurity agency failed to share expertise with the EPA and other stakeholders and failed to work with its counterparts consistently despite having products and services capable of mitigating critical infrastructure threats.

The OIG issued three recommendations to help CISA improve coordination with the WWS sector.

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Cybersecurity

Join Us Now