The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
CrowdStrike
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
A key indicator of an organization's overall cyber health is the daily activities and behaviors of its users. Even with effective policies, training, and security measures, we all have the potential to make mistakes – including some that can be significantly damaging. The World Economic Forum (WEF) emphasizes this concern, revealing that 95% of cybersecurity incidents stem from human error. Consider the following five prevalent cybersecurity mistakes made by well-intentioned employees.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
IT Vulnerabilities & Security Updates
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Sophos published its The State of Ransomware in Critical Infrastructure 2024 report yesterday offering a comprehensive glimpse into the state of ransomware within the energy, oil/gas, and utilities sector in 2024. The report sheds light on persistent challenges and evolving trends in the sector, highly applicable to the water and wastewater systems sector. While the report indicates that recovery rates have remained steady, there is a growing trend of critical infrastructure organizations choosing to pay the ransom rather than use their backups for data recovery.
Whether your utility allows access to Amazon from the enterprise network or not, users are likely to be somewhat distracted during Prime Day. Members are encouraged to share this post with everyone as a reminder to maintain vigilance for Prime Day scams and phishing attempts.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
