EPA rescinds cybersecurity rule for water systems

Share post:

The Environmental Protection Agency (EPA) has rescinded a rule that would have required states to conduct cybersecurity evaluations of their public water systems. The decision comes after a lawsuit from Republican states and water industry groups, who argued that the EPA did not have the authority to issue the rule without Congressional approval.

The EPA’s decision is a major setback for efforts to protect the nation’s drinking water from cyberattacks. In recent years, there has been a growing number of cyberattacks on water and wastewater plants, including a 2021 incident in Oldsmar, Florida, where a hacker attempted to poison the city’s water supply.

The EPA has warned that many public water systems have failed to adopt basic cybersecurity best practices, leaving them at high risk of being compromised. The rescinded rule would have helped to identify and address these vulnerabilities.

In a statement, the EPA said that it “continues to believe that adopting cybersecurity best practices at public water systems is essential to providing safe and reliable drinking water.” However, the agency said that it will now rely on states to voluntarily review their cybersecurity programs.

Industry groups applauded the EPA’s decision to rescind the rule, but acknowledged that cyber threats against the water sector are growing.

“AWWA is pleased that EPA has decided to withdraw its cybersecurity rule,” said American Water Works Association CEO David LaFrance. “We also recognize that cyber threats in the water sector are real and growing, and we cannot let our guard down for even a moment.”

LaFrance urged Congress and the EPA to support a “co-regulatory model” that would engage utilities in developing cybersecurity requirements with oversight from the agency.

The sources for this piece include an article in TheRegister.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways