May 21, 2024 at 01:36PM
The EPA states that nearly 70% of US community drinking water systems fail to comply with the Safe Drinking Water Act, including cybersecurity standards. The agency has announced plans to increase enforcement, as Russia and Iran have stepped up cyberattacks. The EPA has outlined top actions for securing water systems and is working with CISA to provide guidance.
From the meeting notes, we can deduce that the Environmental Protection Agency (EPA) has highlighted a concerning lack of compliance with cybersecurity standards in United States’ community drinking water systems. The agency has raised alarm about cyberattacks from foreign entities like Russia and Iran, which have targeted water systems and posed significant risks to public safety and infrastructure integrity.
To address these pressing issues, the EPA has announced new enforcement plans aimed at improving cybersecurity resilience in water systems. These plans include increasing inspections, releasing a “Top Actions for Securing Water Systems” outline, establishing a task force, and potentially taking civil and criminal enforcement actions against non-compliant systems. Furthermore, the government has proposed $7.5 million in new cybersecurity funding for rural water systems.
To overcome the challenge of shortage in sector-specific cybersecurity expertise, the EPA is working with the Cybersecurity and Infrastructure Security Agency (CISA) to offer guidance, tools, training, resources, and technical assistance to water systems. Additionally, industry experts like Chris Warner emphasize the importance of forming cross-functional teams, collaborating with Critical Infrastructure Sector Liaisons, and building strong relationships with local law enforcement to address cybersecurity challenges effectively.
The meeting notes underline the critical need for continued focus and collaborative efforts to enhance the cybersecurity posture of water and wastewater systems, as the risk of cyberattacks on critical infrastructure remains significant. It’s clear that cybersecurity in the water sector is a top priority for the EPA and partnering agencies to ensure the safety and reliability of community drinking water systems.