Top Cyber Actions for Securing Water Systems
This joint fact sheet, co-sealed by CISA, EPA, and FBI, outlines the following cyber actions Water and Wastewater Systems Sector entities can take to reduce risk and improve resilience to malicious cyber activity and provides free services, resources, and tools to support these actions:
- Reduce Exposure to the Public-Facing Internet
- Conduct Regular Cybersecurity Assessments
- Change Default Passwords Immediately
- Conduct an Inventory of Operational Technology/Information Technology Assets
- Develop and Exercise Cybersecurity Incident Response and Recovery Plans
- Backup OT/IT Systems
- Reduce Exposure to Vulnerabilities
- Conduct Cybersecurity Awareness Training
Entities requiring additional support for implementing any of the actions outlined in the fact sheet, should contact EPA and/or their regional CISA cybersecurity advisor for assistance.