White House To Circumvent Congress, Impose Stricter Cybersecurity Requirements On Water Systems
As cyber-attacks have become more advanced, it’s been made clear that drinking water and wastewater systems across the U.S. are increasingly under threat. In recent months, hackers have attempted to access treatment facilities to poison drinking water in Florida, the Bay Area, and Baltimore, and have targeted wastewater systems in Maine and California as well.
These critical infrastructure systems are on high alert, and President Biden’s administration has vowed to strengthen U.S. water systems as this worrying trend continues. Now, keeping that vow has meant forging ahead on its own.
“It’s been nine months since the White House revealed it had asked Congress to explicitly authorize the EPA to set cyber standards for the water sector… Since then, there hasn’t been a scintilla of movement on the issue from Capitol Hill,” Politico reported. “So the Biden administration is forging ahead without the Hill.”
A national security advisor has announced that the U.S. EPA will integrate cybersecurity requirements into the Sanitary Surveys that states conduct at their water facilities, utilizing authority already granted to the agency to compel the nation’s water systems to enhance protections against hackers.
“The details of the new cyber requirements remain unclear, although … they’ll likely mandate incident reporting, the creation of emergency response plans and the implementation of basic technologies such as multi-factor authentication,” per Politico.
But even though the White House has found this avenue for addressing cybersecurity measures, it is still working with members of Congress to do more, seeking to underscore EPA authority to impose these measures as well as add to them from other agencies.
“The White House will continue working with lawmakers … over the next few months to craft a measure that would embolden sector-specific risk management agencies to impose cybersecurity mandates for critical infrastructure providers,” Nextgov reported.
It remains to be seen how drinking water and wastewater systems across the country will implement additional cybersecurity standards imposed by the EPA. It seems likely that budgets will be stretched and staff will be tested. But hopefully, along the way, cyber threats will be diminished as well.
To read more about how drinking water and wastewater systems combat hacks, visit Water Online’s Resiliency Solutions Center.