Security News > 2023 > March > EPA orders US states to check cyber security of public water supplies
The Environmental Protection Agency is outlining steps public water systems officials need to take to protect drinking water supplies, and mandating cybersecurity assessments in their 'sanitary surveys' of the water systems.
Security software maker Tripwire said in a September 2022 report that many of the water systems in the country "Are small, serving low-density communities and functioning on limited budgets. The fragmented nature of water utility coverage coupled with low budgets and limited technological expertise means many systems are outdated and under-protected."
Over the past two decades, public water administrators have increasingly relied on electronic tools to operate their water systems but those electronic systems now are vulnerable to cyberattacks, Fox wrote.
A 2021 report [PDF] from the Water Sector Coordinating Council, a strategy organization for the water and wastewater systems sector, cybersecurity is a top priority in the industry, from training and education to assessments and tools.
"Americans deserve to have confidence in their water systems' resilience to cyber attackers," Anne Neuberger, deputy national security advisor for cyber and emerging technologies, said in a statement, adding that the EPA's approach is purposely flexible so water system administrators can adapt it to their needs while maintaining safe supplies.
The EPA is giving some organizations more leeway depending on the programs they already have in place, ranging from enabling water system operators to self-assess their systems, letting third parties do the work, or having the states run the assessments.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/03/06/epa_security_public_water/
Related news
- Is Australia’s Public Sector Ready for a Major Cyber Security Incident? (source)
- Unlock the Future of Cybersecurity: Exclusive, Next Era AI Insights and Cutting-Edge Training at SANS Network Security 2024 (source)
- Secureworks Fills Australian Mid-Market Demand for Simplified Cyber Security Solutions (source)
- Is Lenovo a blind spot in US anti-China security measures? (source)
- Strategies for security leaders: Building a positive cybersecurity culture (source)
- Cyber Security and IT Leadership: A Growing Threat to Australia’s Renewable Energy Efforts (source)
- US sues Georgia Tech over alleged cybersecurity failings as a Pentagon contractor (source)
- Transport for London discloses ongoing “cyber security incident” (source)
- Transport for London is dealing with a cyber security incident (source)
- Digital Maturity Key to AI Success in Australian Cyber Security (source)