WaterISAC is passing along this partner guidance for broader awareness to assist utilities with organizational cyber resilience efforts.
Today, CISA, in partnership with the Federal Bureau of Investigation (FBI), released guidance, Modern Approaches to Network Access Security, along with the following organizations:
On Thursday, June 13, CISA conducted the federal government's inaugural tabletop exercise with the private sector focused on effective and coordinated responses to artificial intelligence (AI) security incidents. The four-hour exercise brought together more than 50 AI experts from government agencies and industry partners.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additinonal alerts, updates, and bulletins:
ICS Advisories:
Yesterday, NIST through its National Cybersecurity Center of Excellence (NCCoE) released a draft Technical Note inviting public comments. The Note outlines universal remote access cybersecurity architectures and demonstrative solutions planned for the ‘Cybersecurity for the Water and Wastewater Sector: A Practical Reference Design for Mitigating Cyber Risk in Water and Wastewater Systems’ project. The public comment period is open through July 15, this year.
June was designated as National Internet Safety Month by the U.S. Senate in 2005 primarily to raise awareness of internet dangers and highlight the need for education about online safety. Since that time, with the rise of smartphones and other technologies, the amount of time people spend online has grown enormously – as have the risks.
As data from numerous studies have shown, the nation needs more education and training about the risks we face online and how to stay safe when using connected devices.
WaterISAC is passing through this CISA alert for member awareness. Impersonation scams are on the rise and often use the names and titles of government employees. The Cybersecurity and Infrastructure Security Agency (CISA) is aware of recent impersonation scammers claiming to represent the agency. As a reminder, CISA staff will never contact you with a request to wire money, cash, cryptocurrency, or use gift cards and will never instruct you to keep the discussion secret. Members are encouraged to be extra vigilant when receiving communications from CISA.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Twenty Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
The presence of AI-related threats is leading the cybersecurity community at large to change strategies and focus more on prevention capabilities. According to Deep Instinct, a cybersecurity company that implements artificial intelligence for the purpose of preventing and detecting malware, 75% of security professionals had to change their cybersecurity strategy in the past year due to AI-powered threats. In particular, deepfakes are on the rise with 61% of organizations experiencing a rise in deepfake incidents over the past year.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
