The U.S. Environmental Protection Agency recently submitted its water infrastructure cybersecurity plan to Congress, which was mandated by the Bipartisan Infrastructure Law. The plan is titled “Technical Cybersecurity Support Plan for Public Water Systems.”
This report comes on the heels of a separate report, also required by the Bipartisan Infrastructure Law, called the Prioritization Framework that describes the agency's methodology for prioritizing certain public water systems for technical support related to cybersecurity.
The EPA has also created a webpage outlining cybersecurity best practices for the water sector, which includes a list of cyber resilience resources, information on incident response, information about alerts from the Cybersecurity and Infrastructure Security Agency, and more.
According to some sources, the EPA could reveal a new federal implementation memo this fall using its authority under the Safe Drinking Water Act that would require states to expand inspections at about 1,600 water systems to include cybersecurity threats.
