AWWA Cybersecurity Guidance and Assessment Tool
Cybersecurity is the top threat facing business and critical infrastructure in the United States, according to reports and testimony from the Director of National Intelligence, the Federal Bureau of Investigation, and the Department of Homeland Security.
All water systems should act to examine cybersecurity vulnerabilities and develop a cybersecurity risk management program.
Are you a community water system or do you support community water systems? If so, federal legislation requires systems serving 3,300 or more persons to consider cybersecurity threats in your risk and resilience assessment, as well as in your emergency response plan. This may sound daunting, but AWWA is here to help systems of all sizes.
AWWA has developed some essential planning resources to start water utilities on the path to cyber resilience. They are designed to help you clarify your utility’s exposure to cyber risks, set priorities, and execute an appropriate and proactive cybersecurity strategy.
- START HERE: Water Sector Cybersecurity Risk Management Guidance
Practical, step-by-step guidance from AWWA for protecting process control systems used by the water sector from cyberattacks. Following this guidance saves time and yields more comprehensive, accurate and actionable recommendations from the Assessment Tool. - Assessment Tool
This interactive tool asks utilities to examine how they are using various technologies. Based on responses, the tool generates a customized, prioritized list of controls that are most applicable to the utility’s technology applications. Utilities can use this output to determine the implementation status of critical controls designed to mitigate cybersecurity vulnerabilities. AWWA website login is required for access. - Small Systems Guidance
A getting-started guide to help small rural utilities improve their cybersecurity practices. For water utilities serving fewer than 10,000 people, and especially those serving fewer than 3,300 people.