During a session on cybersecurity at the ECOS Fall Meeting earlier this month, Maryland Department of the Environment Secretary Serena McIlwain discussed the state’s Cybersecurity Action Plan for Water and Wastewater Systems. The blueprint addresses critical cybersecurity vulnerabilities within the state’s water and wastewater infrastructure and sets a foundation for a long-term resilience strategy.
The document provides an overview of Maryland’s cybersecurity initiatives, detailing the criteria for covered systems and the state’s authority and approach to cybersecurity assessments. The plan outlines other key actions including developing mitigation plans, implementing security controls, ensuring emergency preparedness, and leveraging available resources for comprehensive protection and resilience. It also cites previous cybersecurity efforts and the regulatory framework supporting these initiatives.
This initiative is driven by the need to protect these essential systems from increasingly sophisticated cyber threats, as outlined by recent federal advisories and the Modernize Maryland Act of 2022 (HB1205), and in direct response to the March 2024 White House National Security Council letter to Governors requesting that states develop water system action plans.
