Administration Warns States on Threats to Water Infrastructure

Government efforts to promote cybersecurity in this sector have escalated due to recent threats.

Water Plant

Recently, U.S. Environmental Protection Agency Administrator Michael Regan and National Security Advisor Jake Sullivan sent a letter to all U.S. Governors inviting state environmental, health and homeland security Secretaries to a discussion on the urgent need to safeguard water sector critical infrastructure against cyber threats. The meeting, which takes place March 21, will highlight current federal and state efforts to promote cybersecurity practices in the water sector, discuss priority gaps in these efforts, and emphasize the need for states and water systems to take immediate action.

“Drinking water and wastewater systems are a lifeline for communities, but many systems have not adopted important cybersecurity practices to thwart potential cyberattacks,” said EPA Administrator Michael S. Regan. “EPA and NSC take these threats very seriously and will continue to partner with state environmental, health, and homeland security leaders to address the pervasive and challenging risk of cyberattacks on water systems.”

“The Biden Administration has built our national security approach on the foundational integration of foreign and domestic policy, which means elevating our focus on cross-cutting challenges like cybersecurity,” said National Security Advisory Jake Sullivan. “We’ve worked across government to implement significant cybersecurity standards in our nation’s critical infrastructure, including in the water sector, as we remain vigilant to the risks and costs of cyber threats. We look forward to continuing our partnership with the EPA to bolster the cybersecurity of America’s water and wastewater systems.”

The National Security Council (NSC) and EPA are encouraging all states to join this dialogue to drive rapid improvements to water cybersecurity and reinforce collaboration between state and federal entities and water systems.

Additionally, the EPA will strive to collaborate with the Water Sector and Water Government Coordinating Councils in forming a Water Sector Cybersecurity Task Force to identify near-term actions and strategies to reduce the risk of water systems nationwide to cyberattacks. In addition to considering the prevalent vulnerabilities of water systems to cyberattacks and the challenges experienced by some systems in adopting best practices, this Task Force in its deliberations would seek to build upon existing collaborative products, such as the 2023 Roadmap to a Secure and Resilient Water and Wastewater Sector and recommendations stemming from the meeting with Environmental, Health and Homeland Security Secretaries.

More information about the EPA’s cybersecurity program, as well as details about the meeting can be found at the EPA’s Cybersecurity for the Water Sector website.

More in Cybersecurity