You are here

Home

WaterISAC Events

Water Sector Physical Threat Web Briefing – Overview of Threat Actors and Tactics Facing the Water & Wastewater Sector

On April 5 at 2 pm ET, WaterISAC will convene the first event in a new webinar series - quarterly Water Sector Physical Threat Web Briefings. Charles Porter, a senior analyst at the Department of Homeland Security’s (DHS) Office of Intelligence & Analysis (I&A), will provide an overview of physical security threats facing the water and wastewater sector. Specifically, he will cover threats posed by different malicious actors, from domestic violent extremists and foreign terrorist organizations to common criminals and malicious insiders, who seek to target critical infrastructure.

Special Web Briefing - What You Need to Know: EPA's New Operational Technology Cybersecurity Requirement to Help PWSs

On April 12, 2023, WaterISAC welcomes EPA’s Water Infrastructure and Cyber Resilience Division of the Office of Ground Water and Drinking Water to present on the recently released interpretive rule requiring state primacy agencies to assess public water system cybersecurity within sanitary surveys or an alternate process. EPA will also share information on the guidance, tools, training, and technical assistance available to support states and public water systems as they implement this requirement.

Register at any time. No need to cancel if you can’t attend.

Water Sector Cyber Threat Web Briefing - No Need to Reinvent the Wheel: Industrial Control Systems Cyber Incident Response

Many water and wastewater utilities have adopted the FEMA Incident Command System (ICS) for managing emergency response and recovery during physical incidents, such as hurricanes, floods, earthquakes, and industrial accidents, yet don’t know where to start in dealing with a cyber incident. Have you considered what’s good for your physical incident response is also good for your cyber incident response?

Water Sector Cyber Threat Web Briefing - South Staffordshire Water: Use Case for Objectively Assessing Information During the Early Stages of a Cyber Incident, Including your Own

In August 2022, South Staffordshire PLC, the parent company of South Staffs Water and Cambridge Water in the UK, became the target of a ransomware attack. There were multiple points of confusion which resulted in erroneous reporting and inaccurate assessments, including whether or not the attackers (the Cl0p ransomware group) had actually gained control of the utilities’ SCADA systems.

Water Sector Cyber Threat Web Briefing - Are You Asking the Right Questions when Evaluating IoT SaaS Vendors?

Following up on the August Cyber Threat Web Briefing, which examined how IoT devices can be exploited for initial access and lead to incidents like ransomware attacks in IT and OT environments, WaterISAC’s September briefing will focus on the questions your utility should be asking its IoT software as a service (SaaS) vendors. Unfortunately, there have been numerous incidents of water and wastewater utilities being affected because of a vulnerability in a SaaS vendor’s product.

H2OSecCon

WaterISAC is excited to announce its first annual virtual conference on security, set for November 15-17. H2OSecCon will feature water utility and security experts sharing their experiences and recommendations on physical security, IT and OT cybersecurity, and resilience. 

Small Systems Aren't Small Potatoes, Why Rural Water Utilities Need Cybersecurity and What to Do About It, Part 1 - Security Culture

The first of a series of three webinars being jointly hosted by NRWA and WaterISAC. The goal is to provide water utilities with cybersecurity educational presentations that provide basic security advice that can be incorporated by water and wastewater utilities of all sizes.

Pages

Subscribe to WaterISAC Events