Risk & Resilience
AWWA’s Cybersecurity Guidance and supporting Use-Case Tool were specifically developed to provide a voluntary, sector-specific approach to support implementation of applicable controls in the NIST Cybersecurity Framework. The Guidance and Use-Case Tool have been recognized by USEPA, DHS, NIST and several states for aiding water systems in their prioritization of controls necessary to manage cybersecurity risks.
The NIST Cybersecurity Framework was created in response to Executive Order 13636 - Improving Critical Infrastructure Cybersecurity. In addition, America’s Water Infrastructure Act of 2018, requires all community water systems serving more than 3,300 to conduct a risk and resilience assessment that must consider cybersecurity threats.
Cybersecurity requires a commitment to action as part of an all-hazards risk management strategy as recommended in ANSI/AWWA G430: Security Practices for Operations and Management. The AWWA Cybersecurity Guidance & Use-Case Tool are living documents, and it is expected that further revisions and enhancements will be implemented based on input from users.
Email comments and questions about the guidance and/or use-case tool.
Didn't find what you are looking for? Please contact us at email@example.com