The Biden administration on Friday [3/3/2023] said it would require states to report on cybersecurity threats in their audits of public water systems, a day after it released a broader plan to protect critical infrastructure against cyberattacks.
The Environmental Protection Agency said public water systems are increasingly at risk from cyberattacks that amount to a threat to public health.
“Cyberattacks against critical infrastructure facilities, including drinking water systems, are increasing, and public water systems are vulnerable,” said EPA Assistant Administrator Radhika Fox. “Cyberattacks have the potential to contaminate drinking water.”
Fox said the EPA would assist states and water systems in building out cybersecurity programs, adding that states could begin using EPA’s guidance in their audits right away. The agency did not respond immediately to questions about enforcement deadlines.
EPA said it would help states and water systems with technical know-how. The announcement made no mention of new financial assistance.
Biden administration officials said recent surveys show that states are inconsistent in their efforts to protect drinking water systems from cyberattacks — mainly on the operational technology used for safe drinking water. The EPA also said many water systems do not have cybersecurity […]
Full article: EPA Mandates States Report on Cyber Threats to Water Systems