Organizations in the U.S. water and wastewater sector have been given new cybersecurity best practices guidance by the Cybersecurity and Infrastructure Security Agency, the Environmental Protection Agency, and the FBI following an Office of the Inspector General report noting inadequate federal collaboration with the industry despite escalating cybersecurity threats, reports The Record, a news site by cybersecurity firm Recorded Future.
Developed in collaboration with industry organizations and government entities, the guidance not only details cyber incident preparation, identification, and analysis, but also tackles cyberattack containment and recovery, as well as post-incident actions. Water and wastewater firms have also been given information on federal agencies that could assist in the event of an attack. Such guidance was also accompanied by CISA's pledge to bolster efforts supporting the water and wastewater sector and other industries that are commonly targeted by cyber threats but do not have adequate defenses.
"Our regional team members across the country will continue to engage with WWS partners to provide access to CISA's voluntary services, such as enrollment in our Vulnerability Scanning, and serve as a resource for continued improvement," said CISA Executive Assistant Director for Cybersecurity Eric Goldstein.