On September 3, 2024, the Michigan Department of Environment, Great Lakes, and Energy (EGLE) announced a pivotal initiative designed to strengthen cybersecurity preparedness for the state’s drinking water and wastewater treatment facilities. This move, in line with National Preparedness Month, represents a critical step in safeguarding Michigan’s vital water infrastructure from increasing cyber threats and potential attacks.
EGLE is spearheading this multi-agency effort in partnership with the Michigan Cyber Command Center (MC3), Michigan State Police, and the Michigan Department of Technology, Management, and Budget (DTMB). The collaborative approach has enabled the provision of a range of resources, including free security awareness training for operators, educational materials, and an extensive online library of technical guides focused on cybersecurity best practices. This comprehensive support aims to equip water sector operators with the knowledge and tools needed to enhance their defenses against both digital and physical threats.
The cybersecurity strategy highlights several essential practices for water utilities to adopt. These include replacing default passwords with complex, unique ones, implementing multifactor authentication, and consistently applying the latest security patches and updates. Operators are also advised to monitor network traffic and system logs continuously for suspicious activity and maintain up-to-date offline backups to safeguard against data loss. These practices are crucial for mitigating risks and ensuring the resilience of water systems against potential cyberattacks.
In addition to these technical measures, the initiative underscores the importance of employee education on cybersecurity threats, such as phishing attacks and social engineering tactics. Regular training sessions for staff members are recommended to enhance their awareness and preparedness. Furthermore, EGLE encourages engaging cybersecurity experts for a thorough assessment of digital infrastructure to identify and address potential vulnerabilities. By providing these resources and guidance, EGLE aims to bolster the security posture of Michigan’s water utilities, ensuring they are well-prepared to face and respond to emerging cyber threats effectively.
Reference:
