The week EPA released the Technical Cybersecurity Support Plan for Public Water Systems which included: (1) the methodology for identifying specific PWSs for which cybersecurity support should be prioritized; (2) the timelines for making voluntary technical support for cybersecurity available; (3) the public water systems identified as needing technical support for cybersecurity; and (4) specific capabilities of EPA and CISA that may be utilized to provide support to PWSs. It should be noted that while “available data indicate that most PWSs need technical support for cybersecurity…EPA has identified the following two categories of PWSs as potentially having an elevated need for additional technical support. The first group are those PWSs serving 3,300 people or fewer and all non-community water systems not required to conduct risk and resilience assessments or develop emergency response plans under America’s Water Infrastructure Act of 2018. The second group are those PWSs “that undergo a cybersecurity risk assessment, which could be conducted by a Federal or SLTT entity under a regulatory program or voluntarily by the PWS or an outside technical assistance provider.”
Technical Cybersecurity Support Plan for Public Water Systems August 2022
