In a monthly newsletter to drinking water and wastewater treatment plant operators, the Maine Department of Environmental Protection (DEP) provided tips and tools for plants to assess and enhance their cybersecurity.
DEP discussed vulnerability assessments, including what they are, the steps they may include, and the information their results provide. To encourage plant operators to conduct vulnerability assessments, the Department provided a link to EPA’s vulnerability assessment program, which offers free assessments to operators of public drinking water plants and wastewater facilities. The newsletter also linked to information on the Cybersecurity and Infrastructure Security Agency’s free cyber vulnerability scanning for publicly owned treatment works (POTWs) and public water systems. Though not available yet, the Maine National Guard is also developing a program to provide free vulnerability assessments to POTWs.
In addition to providing information on free vulnerability assessments, the newsletter shared information on upcoming free training webinars from EPA on cybersecurity and EPA’s Water Cybersecurity Assessment Tool.
ECOS and state environmental agencies have consistently raised concerns about states not having sufficient resources to adequately support cybersecurity at water and wastewater treatment plants and requested federal government agencies, including EPA, to provide additional funding. Maine DEP is supplementing that work by also encouraging plants to advance cybersecurity using existing federal resources, including technical assistance, training, and grants.