Cybersecurity is the top threat facing business and critical infrastructure in the United States, according to reports and testimony from the Director of National Intelligence, the Federal Bureau of Investigation and the Department of Homeland Security.
Based on recommendations in the 2008 Roadmap to Secure Industrial Control Systems in the Water Sector, AWWA’s Water Utility Council took action to develop a cybersecurity resource designed to provide actionable information for utility owner/operators based on their use of process control systems. That is the purpose and objective of the Process Control System Security Guidance for the Water Sector (PDF) and the supporting Use-Case Tool.
The AWWA’s resources have been recognized by the Water Sector Coordinating Council and the USEPA as the foundation of a voluntary, sector-specific approach for adopting the NIST Cybersecurity Framework. The NIST Cybersecurity Framework was created in response to Executive Order 13636 - Improving Critical Infrastructure Cybersecurity, signed by President Obama on Feb. 12, 2013.
All in all, this requires a commitment to action as part of an all-hazards risk management strategy as recommended in ANSI/AWWA G430: Security Practices for Operations and Management. The AWWA Cybersecurity Guidance & Tool are living documents, and it is expected that further revisions and enhancements will be implemented based on input from users.
Email comments and questions about the guidance and/or use-case tool.
Also see and download Cybersecurity Myths article (PDF), posted here by permission of EMA.
Access additional AWWA resources on Utility Security and on Emergency Preparedness