HAWAI'I RURAL WATER ASSOCIATION
  • Home
    • HRWA Team & Board Members
    • HRWA Board Meeting Agenda
    • Newsletter/Magazine
  • Join Us
    • System Membership
    • Associate Membership
    • Career Opportunities
  • Services
    • Water/Wastewater CR
    • EPA >
      • DSO Study Guide Videos
      • WTPO Study Guide Videos
    • Source Water Protection
    • Fee-Based
    • Activities
  • Training
  • Resources
    • Cyber Security
    • Lead and Copper Rule Resources
    • EPA
    • NRWA
    • USDA RD
    • HI SWARN
    • COVID-19 Information & Resources
    • Other
  • Associate Links
  • HRWA Conference
  • Apprenticeship Program


2023 Updates & Resources
March 13, 2023-
“EPA Releases Memorandum on Cybersecurity in Public Water System Sanitary Surveys”
​

content.govdelivery.com/accounts/USEPAOGWDW/bulletins/34e711e
On March 3, 2023, USEPA issued the guidance document and memorandum that were identified in the Press Release.  The guidance document (dated February 2023) and interpretative memorandum (dated March 3, 2023) are attached below.

Please review the documents since it looks like a water system's cybersecurity program will be assessed during sanitary surveys.  USEPA, Region 9, has indicated that training is planned for both the states and utilities.  The (primacy) states will need to identify what of three approaches it will select for assuring cybersecurity evaluations of public water systems that have "operational technology" as part of their system operations.
evaluating_cybersecurity_during_pws_sanitary_surveys_guidance_2_22.pdf
File Size: 921 kb
File Type: pdf
Download File

addressing_pws_cybersecurity_in_sanitary_surveys_memo_march_2023.pdf
File Size: 389 kb
File Type: pdf
Download File

The link to USEPA's website on cybersecurity for the water sector is found at:

https://www.epa.gov/waterriskassessment/epa-cybersecurity-water-sector#rule

​
There are Fact Sheets and other information on USEPA's website.  The link also lists upcoming (webinar) training on evaluating cybersecurity programs for water systems.  You will need to register for the two-part training.
​The USEPA issued a press release on ​March 3, 2023, about improving cybersecurity resilience for public water systems.  The link to the press release is at:

https://www.epa.gov/newsreleases/epa-takes-action-improve-cybersecurity-resilience-public-water-systems


Please be on the lookout for the memorandum/guidance document from USEPA that will require the state (primacy) agencies to survey cybersecurity "best practices" of public water systems.
March 3, 2023-
​
Cybersecurity Assessments to be Included in Sanitary Surveys

  EPA released a legal opinion that cyber security resiliency falls under their existing authority under the Safe Drinking Water Act. The memorandum conveys EPA’s interpretation that states must include cybersecurity when conducting sanitary surveys for the nation's 143,219 public water systems. The memorandum also highlights different approaches for states to fulfill this responsibility.

NRWA and its 50 State Affiliates have always been committed to ensuring small and rural utilities have the support and resources they need to serve their communities. In this respect, cyber resiliency is just as vital as updated and working infrastructure. Rural Water is committed to assisting these small and rural systems in ensuring that their cybersecurity is sufficient to meet this evolving threat.

However, EPA’s approach to addressing this issue through the sanitary survey program may not prove to be as effective as many would like. NRWA will continue collaborating with EPA and key stakeholders to foster better results to mitigate cyber threats facing the water sector, especially for small and rural water utilities. 

EPA is not proposing a new rule for this action as this is a legal interpretation of existing authority. The memorandum is effective immediately. NRWA and all other water associations, plus the National Conference of Mayors, League of Cities, and the National Association of Counties have expressed concerns to EPA. Rural Water members are advised to contact their state primacy agencies for more information on the rollout of this mandate.

To view more information on this announcement from EPA please click here.
To submit comments please email wicrd-outreach@epa.gov.
January 18, 2023-
As the leader in cybersecurity services, IronTech Security wants to support you as you serve your members. We believe creating a security-first culture starts with identifying and preventing employee technology vulnerabilities before they cause a breach.
 
Attached is an article titled “What is the CEO’s Role in Cybersecurity?”

what_is_the_ceo’s_role_in_the_cybersecurity.pdf
File Size: 256 kb
File Type: pdf
Download File

Proudly powered by Weebly
  • Home
    • HRWA Team & Board Members
    • HRWA Board Meeting Agenda
    • Newsletter/Magazine
  • Join Us
    • System Membership
    • Associate Membership
    • Career Opportunities
  • Services
    • Water/Wastewater CR
    • EPA >
      • DSO Study Guide Videos
      • WTPO Study Guide Videos
    • Source Water Protection
    • Fee-Based
    • Activities
  • Training
  • Resources
    • Cyber Security
    • Lead and Copper Rule Resources
    • EPA
    • NRWA
    • USDA RD
    • HI SWARN
    • COVID-19 Information & Resources
    • Other
  • Associate Links
  • HRWA Conference
  • Apprenticeship Program