Cyber Best Practices

Editor’s Note: Looking for a good reason to join the WaterISAC?  The information below reflects the type of work and quality of effort that goes into WaterISAC products…and it has practical, on the ground value for drinking water utilities of all sizes.

The WaterISAC has just published 10 Basic Cybersecurity Measures: Best Practices to Reduce Exploitable Weaknesses and Attacks, which provides recommended steps water and wastewater utilities can take to defend themselves in the cyber environment. Each recommended measure includes a description and links to corresponding technical resources.

The document is an updated version of the August 2012 10 Basic Cybersecurity Measures to Reduce Exploitable Weaknesses and Attacks guide. The updated document was developed in partnership with the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the FBI, and the Information Technology (IT) ISAC. WaterISAC also acknowledges the Multi-State (MS) ISAC for its contributions to the document.

In reviewing cyber incident reports for 2014, ICS-CERT noted that if the affected entities had implemented the first three recommendations in the Best Practices Guide, they likely would have detected the issues, prevented the vulnerabilities, and averted the resulting impacts related to those incidents.

Please share this Guide with your water systems.  This information can be a critically useful tool in helping the drinking water community better defend itself against cyber attacks and intrusions.


Comments are closed.