Summary:  Yesterday, alongside an announcement of more than $9 million in grant funding for midsize and large water systems, the EPA published a report titled “Securing the Future of Water: Addressing Cyber Threats Today.” The report includes recommendations calling for a holistic approach to strengthen cybersecurity in the water sector by enhancing coordination and collaboration across government, associations, and water utilities. Systems are being encouraged to address unique needs, normalize and promote cybersecurity measures, and improve access to technical assistance. These recommendations were produced by a Water Sector Cybersecurity Task Force that the EPA co-led.

Analyst Note: As cyber attacks on U.S. water systems have increased in recent years, federal, state, and industry partners have continued to coordinate actionable steps to help water utilities sector-wide address the risks. The target audience for the Task Force recommendations are “lower-capacity utilities that struggle with limited resources,” and “higher-capacity utilities that have resources but may not prioritize cybersecurity due to competing demands like aging infrastructure.” WaterISAC encourages utilities that meet these criteria to review the report and apply the recommendations to their situation. The report includes ten recommendations for enhancing cybersecurity across the water sector which will help in activities such as leadership training, integration of cybersecurity into operator certifications, and partnerships with national cybersecurity associations and agencies. 

Original Source: https://www.epa.gov/system/files/documents/2025-08/water-cybersecurity-recommendations_water-sector-cybersecurity-task-force_apr25-072525.pdf

Related WaterISAC PIRs: 12