Congress eyes next step to protect critical infrastructure

Financial sector companies and water plant operators are both identified as critical, but banks have far more resources and capacity than water plant operators.

“The financial services industry is well-resourced, regulated and capable of acting on both classified and unclassified information,” Rep. Bennie Thompson, D-Miss., said in a statement. “In contrast, the water sector is under-resourced, largely unregulated, and would benefit from concise and properly contextualized safety guidance.”

In 2021, a hacker gained access to a water treatment system in a Florida town and increased levels of sodium hydroxide – otherwise known as lye – to dangerous levels before he is detected and reversed. This type of attack has increased in recent years as more and more control systems are operated through the Internet and information on how to penetrate them spreads online.

A representative of water plant operators recently told Congress about the difficulty some companies are having with increasing cybersecurity.

When CISA and other federal agencies provide cybersecurity alerts and advice to businesses in the 16 critical sectors, those advisories tend to be “highly technical” and “can be difficult to implement by entities that lack of in-house cybersecurity expertise to improve information effectiveness”. sharing,” Kevin Morely, director of the American Water Works Association, said during the House Homeland Security hearing last week.

Comments are closed.