EPA to require water utilities to implement new cybersecurity measures

Share post:

The Environmental Protection Agency (EPA) announced that water utilities will be required to improve their cybersecurity measures. The EPA is concerned about the possibility of cyberattacks causing water supply disruptions.

Water utilities will be required to conduct regular risk assessments and develop plans for responding to cyberattacks under the new rules. They will also be required to implement a variety of technical security measures, such as firewalls and encryption, to protect their networks.

The EPA will require states to survey the digital networks that govern drinking water filtration operations under the national framework. This comes after a slew of cyberattacks on critical infrastructure in the United States, with water systems being the most recent targets. The EPA insists that states include cybersecurity in their periodic audits of water systems (known as “sanitary surveys”) and highlights various approaches that states can take to fulfill this responsibility.

“Cyber-attacks against critical infrastructure facilities, including drinking water systems, are increasing, and public water systems are vulnerable. Cyber-attacks have the potential to contaminate drinking water, which threatens public health,” said EPA Assistant Administrator for Water Radhika Fox. “EPA is taking action to protect our public water systems by issuing this memorandum requiring states to audit the cybersecurity practices of local water systems.”

The EPA will also assist states in assessing the security of their water systems. The new “Evaluating Cybersecurity During Public Water Sanitary Surveys” guidance will assist state governments in incorporating a stronger cybersecurity posture into their existing water purification systems.

The sources for this piece include an article in Axios.

SUBSCRIBE NOW

Related articles

Hamilton Estimates $52 Million to Rebuild IT Systems After Ransomware Attack

The city of Hamilton plans to spend $52 million over the next three years to rebuild and secure...

Avery Data Breach: Credit Card Skimmer Affects Over 61,000 Customers

Label maker Avery has disclosed a data breach affecting 61,193 customers, caused by a credit card skimmer that...

Scammed Company Ordered to Pay $190k for Fraudulent Invoice Payment

A hacker gained access to Mobius Group’s email system and sent instructions from a legitimate email address, directing...

Sneaky 2FA: A Sophisticated Attack Defeats Both 2FA and Phishing Protections

A new phishing kit, ominously named "Sneaky 2FA," has emerged, targeting Microsoft 365 users by bypassing two-factor authentication...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways