EPA Announces Availability Of $9M To Protect Drinking Water From Natural Hazards And Cybersecurity Threats

Funding will help advance new Water Sector Cybersecurity Recommendations

Today, U.S. Environmental Protection Agency (EPA) announced over $9M in grant funding for midsize and large water systems to help protect drinking water from cybersecurity threats and improve resiliency for extreme weather events. The agency is also publishing a report highlighting 10 recommendations to strengthen resiliency to cyberattacks in the water sector.

“Drinking water and wastewater systems play a foundational role in EPA’s Powering the Great American Comeback Initiative by providing essential services that protect public health and water resources while supporting American industry and commerce,” said EPA Administrator Lee Zeldin. “With $9M in grant funding and ten practical, effective, and collaborative recommendations to address cyberattacks, water systems across the country can strengthen their resiliency to threats—from hurricanes to flooding to cyber incidents.” 

$9M for Water System Resilience
The Midsize and Large Drinking Water System Infrastructure Resilience and Sustainability grant program is authorized by Congress through the Safe Drinking Water Act. EPA is seeking grant applications from public water systems serving 10,000 people or more. This funding opportunity will remain open for 60 days on www.grants.gov

For more information, visit EPA’s Midsize and Large Drinking Water System Infrastructure Resilience and Sustainability Program.

Water Cybersecurity Recommendations
EPA is publishing a report titled, Securing the Future of Water: Addressing Cyber Threats Today (pdf). The report includes recommendations calling for a holistic approach to strengthen cybersecurity in the water sector by enhancing coordination and collaboration across government, associations, and water utilities. Systems are being encouraged to address unique needs, normalize and promote cybersecurity measures, and improve access to technical assistance. These recommendations were produced by a Water Sector Cybersecurity Task Force that EPA co-lead at the time they were developed.

There are several priority actions that accompany the recommendations, including the development of water-sector focused cybersecurity leadership training, increasing direct cybersecurity technical assistance, providing webinars and curated resources for utilities, integration of cybersecurity into operator certification and continuing education, coordination with state Chief Information Officers (CIO) Offices for Cybersecurity Support, and more.

EPA is taking action to advance the goals of the recommendations and priority actions. Learn more about the Water Sector Cybersecurity Task Force recommendations.

Background
Cyberattacks against water systems have increased several-fold over the past few years and can disrupt or contaminate drinking water and compromise the treatment of wastewater. EPA, federal partners, and utilities have a collective responsibility to ensure that cyber threats do not imperil the critical lifeline of clean and safe water. Clean and safe water is central to strengthening the American workforce; powering industries — from auto manufacturing to Artificial Intelligence; and advancing energy dominance. In communities, it supports small businesses, hospitals, military bases, and schools.

The Cybersecurity Task Force was formed by members of the Water Sector Government Coordinating Council (GCC) and Sector Coordinating Council (SCC), groups which connect EPA with partners from the national associations, state primacy agencies, water utilities and other representatives from the Water Sector.