Skip to content

Cyber Security for the Water Sector

Cyber Security for the Water Sector

 EPA has released its letter to the White House related to cybersecurity within the water sector.

See a letter from Director Peter Grevatt at:

 EPA has indicated the Agency will pursue a voluntary partnership model – rather than  a regulatory approach – to manage cybersecurity risks at water utilities.

 If the voluntary partnership model is not successful in achieving widespread implementation of the Cybersecurity Framework or if warranted by a changing cybersecurity risk profile, the EPA can revisit the option of using general statutory authority to regulate cybersecurity in the Water and Wastewater Systems sector.

 Therefore, I encourage you to use the AWWA guidance and tool, the Process Control System Security Guidance for the Water Sector and the supporting Use-Case Tool found at:

 This is in keeping with EPA’s elements of an active and effective protective program at a water utility and this requires a commitment to action as part of an all-hazards risk management strategy as recommended in ANSI/AWWA G430: Security Practices for Operations and Management.

 Patti Kay Wisniewski
Drinking Water Security Coordinator
Drinking Water Branch (3WP21)
US EPA Region 3
1650 Arch Street
Phila, PA 19103


215-514-7893 (cell)

Visit our updated regional security/preparedness and climate adaptation webpage at:

  • PA-AWWA Recognizes Our Gold Sponsors

    Partnership for Safe Water



  • Public Notification Providers

Find us on Facebook
Back to Top