Project proposed to improve water utility cybersecurityS. Himmelstein | December 06, 2022
The National Cybersecurity Center of Excellence (NCCoE) of the U.S. National Institute of Standards and Technology (NIST) seeks feedback on a proposed project that would pilot solutions to common cybersecurity risks faced by water and wastewater plants.
A growing number of water and wastewater systems (WWS) sector stakeholders in the U.S. is utilizing data-enabled capabilities to improve utility management, operations and service delivery. The ongoing adoption of automation, sensors, data collection, network devices and analytic software may increase cybersecurity-related vulnerabilities and associated risks. This trend warrants the development of best-practices, guidance and solutions to ensure that the cybersecurity posture of facilities is safeguarded.
The NCCoE project will demonstrate solutions to protect the cybersecurity of infrastructure within the operating environments of WWS sector utilities that address common cybersecurity risks. This project will address areas that have been identified by stakeholders, including asset management, data integrity, remote access and network segmentation.
Efforts will focus on the use of existing commercially available products to mitigate and manage these risks. The findings can be used as a starting point by utilities in mitigating cybersecurity risks for their specific production environment. This project will result in a freely available NIST Cybersecurity Practice Guide.
The public comment period is open through December 19, 2022.