Dark
Light

EPA must tackle cyber threats in water systems

1 min read
52 views

TLDR:

  • The US EPA needs to address rising cyber risks to water systems, as highlighted by a GAO report.
  • Aging technology, workforce skills gaps, and lack of cybersecurity culture are major barriers in the water industry.

EPA Urged to Address Cyber Risks to Water Systems

The US Environmental Protection Agency (EPA) has been advised by the US Government Accountability Office (GAO) to address the increasing cyber risks to water and wastewater systems. Rising targeting of water systems, including by nation-state actors, has prompted the recommendation for urgent action.

The GAO report highlighted that while federal agencies have reviewed cybersecurity risks in the water sector, the EPA lacks a comprehensive sector-wide risk assessment and a risk-informed strategy. This hinders the agency’s efforts to address the highest risks effectively.

Challenges in improving cybersecurity in the water industry include the prevalence of old technologies that are difficult to update with cybersecurity protections, workforce skills gaps, and the lack of a cybersecurity culture among managers and staff in the sector.

To address cyber-attacks on water systems, the GAO proposed four recommendations for the EPA, including conducting a sector risk assessment, developing a cybersecurity strategy, evaluating legal authorities, and revising the Vulnerability Self-Assessment Tool (VSAT) as needed.

In response to the GAO report, the EPA has accepted the recommendations and plans to implement them by specific timelines.

Previous Story

Join us at the OT Cybersecurity Summit for cutting-edge insights

Next Story

Market leaders must prioritize military-grade cybersecurity for regulation compliance

Latest from News