Cybersecurity Planning

Find valuable resources to support creating a response plan for cybersecurity incidents. 

On this page:

• Addressing Cybersecurity in your America’s Water Infrastructure Act Emergency Response Plan
• Top 8 Cyber Actions for Securing Water Systems 
• Cybersecurity Incident Action Checklist
• Water and Wastewater Sector Incident Response Guide
• Water Sector Cybersecurity Program Case Studies
• Cybersecurity Insurance Considerations
• Other US Government and Partner Cybersecurity Resources

Addressing Cybersecurity in your America’s Water Infrastructure Act Emergency Response Plan

Safe Drinking Water Act (SDWA) section 1433, which was amended by America’s Water Infrastructure Act (AWIA) section 2013 in 2018, requires community water systems (CWS) serving more than 3,300 people to prepare or revise risk emergency response plans (ERPs) and certify to EPA that this work has been completed. SDWA section 1433(b) states that ERPs must “incorporate findings of the [risk and resilience] assessment’ and “shall include strategies and resources to improve the resilience of the system, including…cybersecurity.” The ERP must address the overall cybersecurity resilience of the water system and vulnerabilities found in the cybersecurity assessment portion of the RRA. A utility must incorporate the steps of preparing for, responding to, and recovering from a cyber incident in the ERP. To address cybersecurity concerns in the Emergency Response Plan, a utility can start with the Cybersecurity Incident Action Checklist.

Top 8 Cyber Actions for Securing Water Systems

The Top 8 Cyber Action Fact Sheet highlights the top cyber actions water systems can take today to reduce cyber risk and improve resilience to cyberattacks and provides free services, resources, and tools to support these actions, which can be taken concurrently.

• Principales acciones cibernéticas para proteger los sistemas hídricos (pdf) (353.85 KB, 2/23/2024) (Spanish Version)

Cybersecurity Incident Action Checklist

Cybersecurity Incident Action Checklist (pdf) (684.89 KB, September 2024, 810-B-17-004) : This resource provides on-the-go convenience, to help utilities prepare for, respond to, and recover from a cyber incident through a checklist of activities. The checklist can be added to an Emergency Response Plan to address cybersecurity response. 

Water and Wastewater Sector Incident Response Guide

Water and Wastewater Sector Incident Response Guide (pdf): This guide, co-sealed by CISA, EPA, and FBI, outlines how water and wastewater utility owners and operators can expect to work with federal partners as they prepare for, respond to, and mitigate the impact of a cyber incident.

Water Sector Cybersecurity Program Case Studies

• Small Combined System (pdf) (178.11 KB, April 2024, 817-F24-001)
• Small Wastewater System (pdf) (283.59 KB, 09/2023, 817-F23-003)
• Medium Drinking Water System (pdf) (192.17 KB, 09/2023, 817-F23-004)
• Medium Drinking Water System #2 (pdf) (258.68 KB, December 2023, 817-F23-007)
• Medium Combined System (pdf) (203.87 KB, 12/2023, 817-F23-005)
• Large Combined System (pdf) (204.75 KB, 10/13/2023, 817-F23-008)

Cybersecurity Insurance Considerations

• Cyber Insurance for Drinking Water and Wastewater Systems (pdf) (705.38 KB, October 2024, 810-F-24-31)

Other US Government and Partner Cybersecurity Resources

• CISA Water and Wastewater Cybersecurity offers significant resources, guidance, and tools to assist critical infrastructure facilities, including water and wastewater systems, with cybersecurity.
• United States Department of Agriculture (USDA) Rural Development Circuit Rider Program
• Water Information Sharing and Analysis Center (WaterISAC)
• Presidential Policy Directive 41:  Information on roles that government agencies will perform in the event of a cybersecurity incident.
• Industrial Control Systems Cybersecurity Initiative (pdf) (178.16 KB):  Considerations for ICS/OT Monitoring Technologies with an Emphasis on Detection and Information Sharing.