"US Gov Publishes Cybersecurity Guidance for Water and Wastewater Utilities"

The US government recently published new guidance aimed at helping organizations in the water and wastewater (WWS) sector improve their cyber resilience and incident response capabilities.  Released in response to an increased interest by financially and politically motivated threat actors in the United States WWS sector, the guide outlines how water utility owners and operators can interact with federal partners to prepare for, mitigate, and respond to incidents.  To improve the water sector’s cybersecurity, the document establishes guidelines for incident reporting, details available resources, services, and no-cost training, helps organizations build a cybersecurity baseline, and encourages them to interact with their local cyber communities.  To improve the cybersecurity of critical infrastructure, the US government encourages WWS organizations to provide information on cyberattacks to federal partners such as CISA, FBI, EPA, the Office of the Director of National Intelligence (ODNI), and the DHS Office of Intelligence and Analysis (I&A).  Furthermore, the government notes that they should implement and strengthen their incident response plans by ensuring that the process includes four stages: preparation, detection and analysis, containment, eradication, recovery, and post-incident activity.

SecurityWeek reports: "US Gov Publishes Cybersecurity Guidance for Water and Wastewater Utilities"