In the U.S., the Environmental Protection Agency (EPA) has recently issued an Enforcement Alert on water system security, outlining the urgent cybersecurity threats and vulnerabilities to community drinking water systems.
Howard Goodman, Technical Director at Skybox Security, has told Digital Journal about the critical issues with the OT/IT cybersecurity gap.
According to Goodman, the operative word is ‘update’: “The EPA’s recent advisory on cybersecurity threats to water utilities highlights a pressing issue: the operational technology (OT) and information technology (IT) gap. This divide has not only exacerbated vulnerabilities but also expanded the attack surface, complicating the task of achieving comprehensive visibility and control.”
The extent of the problem appears to be considerable, Goodman notes: “Alarmingly, EPA inspections reveal that over 70 percent of water systems fail to meet the cybersecurity standards mandated by the Safe Drinking Water Act.”
The Safe Drinking Water Act (SDWA) is a U.S. law seeking to put in place a minimum standard for water quality. The Act was originally passed by Congress in 1974 to protect public health by regulating the nation’s public drinking water supply.
In terms of putting in place corrective measures, Goodman advises: “Addressing the OT/IT convergence in these utilities requires a robust, multi-faceted strategy. First, enhancing security posture management through the integration of advanced threat detection technologies is critical.”
There are other advantages: “These technologies can provide real-time monitoring and rapid response capabilities. Second, automating compliance processes ensures consistent adherence to regulatory standards, reducing the risk of human error and improving efficiency.”
In terms of additional measures, Goodman advises: “Furthermore, fostering a unified security framework necessitates comprehensive network modeling, which can offer a holistic view of both OT and IT environments. This approach helps in identifying and mitigating potential security gaps. Organizational silos must be dismantled to eliminate security blind spots; a collaborative culture is essential for effective cybersecurity.”
For longer-term solutions, Goodman puts forward: “Finally, it is imperative to optimize remediation strategies beyond traditional patch management. Employing advanced techniques such as behavioral analytics and predictive maintenance can significantly reduce downtime and enhance system resilience.”
These should lead to robust preventative measures, says Goodman: “These measures are not merely precautionary; they are essential in bolstering the resilience of critical infrastructure against the evolving landscape of international cyber warfare. Proactive and integrated cybersecurity practices will be pivotal in safeguarding our water utilities and ensuring the continuity of essential services.”