Previously published as draft NIST Technical Note 2283, the NCCoE has finalized the guidelines based on community input and published NIST SP 1800-45, Cybersecurity for the Water and Wastewater Sector: Build Architecture (Operational Technology Remote Access)
Securing Water and Wastewater Utilities
Access to clean water is critical to public health, the environment, and our nation’s economic prosperity. Water utilities supply clean water to communities and ecosystems across the country. Wastewater treatment facilities remove harmful or toxic impurities from wastewater and then return clean water back to the environment. Together, facilities in the Water and Wastewater Systems (WWS) sector play an important role in our national critical infrastructure. It is important to help these utilities to mitigate their cybersecurity risks.
Demonstrating how to mitigate and manage cybersecurity risks for the Water and Wastewater Systems Sector
Abstract
The Water and Wastewater Systems sector is undergoing a digital transformation, increasing its dependence on connectivity to systems that, for instance, monitor pumping stations, evaluate water quality, or analyze data to support more efficient operations and improve service. This increased reliance on an internet-connected ecosystem, however, increases the opportunity for malicious actors to introduce vulnerabilities into a water or wastewater utility’s systems and networks. It is important that the water utilities are equipped with resources to help them address and mitigate their cybersecurity risks.
The NCCoE worked collaboratively with the Water and Wastewater Systems sector, technology providers, and across government to identify areas to help water and wastewater utilities mitigate and manage cyber risks. The NCCoE demonstrated the use of existing commercially available products to mitigate and manage these risks. The findings can be used as a starting point by utilities in mitigating cybersecurity risks for their specific production environment.
Water is vital for sustaining life on Earth, and in today’s internet-connected society cybersecurity is vital to maintaining the quality and accessibility of our water resources.
Related Events
-
Speaker Series
Cybersecurity for the Water and Wastewater Systems Sector
Collaborators
- Asdwa – Association of State Drinking Water Administrators
- Bedrock Systems
- CISCO
- Cyber 2.0
- Denver Water
- Dragos
- I&C Secure
- Q-Net Security
- Radiflow
- StrongDM
- TDI Technologies
- US.ABB
- West Yost
- WSSC Water
Join the Community of Interest
A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI.