Congress Hears Testimony on Cybersecurity Issues; NACWA Security Committee Meets
John Sullivan, Chief Engineer for the Boston Water and Sewer Commission and a member of the NACWA Board of Directors, testified last week on behalf of the Water Information Sharing and Analysis Center (WaterISAC) before the House Transportation and Infrastructure (T&I) Committee.
The hearing was entitled “The Evolving Cybersecurity Landscape: Industry Perspectives on Securing the Nation's Infrastructure”. It focused on the issue of cybersecurity and industry perspectives about the gaps in the nation’s ability to prevent, prepare for, respond to, and recover from cyberattacks against critical infrastructure.
Sullivan’s testimony highlighted the need for protecting the nation’s critical infrastructure against a growing range of cyber threats as an issue of increasing urgency. Specifically, his testimony provided an overview of the cyber risks faced by water and wastewater systems, the sector’s response thus far, and the importance of Congress providing more cyber resources to public utilities directly. He also highlighted the importance of expanding WaterISAC utility membership, especially for small and medium-sized utilities.
During a line of questioning, Sullivan also discussed the importance of better understanding and studying the impacts of potential federal reporting requirements and the ability of a utility system to respond during and after an incident.
It is unclear at this time if and what direction Congress may potentially take legislatively with regards to cyber regulation and/or mandating cyber reporting requirements on public clean water utilities.
In a related development, NACWA held a call with its Security & Emergency Preparedness Committee this week to ensure that any potential legislation or regulatory actions reflect the sector’s needs and do not place onerous requirements or have unintended consequences on clean water utilities. Committee members discussed their own progress with improving cybersecurity, as well as the challenges they have faced in the process and their opinions on mandatory versus voluntary measures to improve the cybersecurity of the sector. NACWA will continue to gather member input on cybersecurity proposals that will affect the sector.