Cybersecurity Requirements and the Drinking Water Cybersecurity Grant Program
October was National Cybersecurity Awareness Month and the New Hampshire Department of Environmental Services (NHDES) Drinking Water and Groundwater Bureau (DWGB) celebrated by highlighting the importance of implementing strong cybersecurity practices in the water sector. Cybersecurity is one of the top threats to critical infrastructure. It is important for drinking water and wastewater systems to examine cybersecurity vulnerabilities and develop a risk mitigation program to reduce the number of cyberattacks and prevent them from impacting operations.
NHDES has taken a proactive approach by creating the Cybersecurity Implementation Grant Program utilizing $2 million in American Rescue Plan Act (ARPA) funds to improve cybersecurity measures at approximately 30 drinking water and wastewater systems. Additional grant funding will be available soon to continue this program.
NHDES strongly encourages public water systems take the first step by having a cybersecurity assessment conducted. An assessment will help identify gaps in cybersecurity practices and determine next steps for implementing measures to improve cyber resiliency. The Cybersecurity and Infrastructure Security Agency (CISA) offers free cybersecurity assessments that can be scheduled by contacting richard.rossi@cisa.dhs.gov or (202) 770-8991. EPA offers a Water Cybersecurity Assessment Tool or free cybersecurity assessments that can be scheduled by visiting EPA’s Water Sector Cybersecurity Evaluation Program.
NHDES advises drinking water and wastewater systems to report anomalous cyber activity and/or cyber incidents 24/7 to report@cisa.gov or (888) 282-0870. Keep your thresholds low, and don’t be afraid to report something that doesn't seem right.
Thank you for maintaining a system that is resilient and secure. If you have any questions or need more information on NHDES cybersecurity resources, please visit the Water System Cybersecurity website.