From the U.S. Government Accountability Office, www.gao.gov

Transcript for: GAO: Cybersecurity Risks to U.S. Water and Wastewater
Systems, EPA Urgently Needs a Strategy

Description: A cyberattack on U.S. drinking and wastewater systems
could, for example, produce drinking water with unsafe levels of
bacteria or chemicals. Nations, cybercriminals, and others have targeted
some of the nearly 170,000 U.S. water systems, which are increasingly
automated. The Environmental Protection Agency (EPA) leads water
cybersecurity efforts. It has worked with the water sector to improve
cybersecurity. However, EPA hasn't identified and prioritized the
greatest risks sector-wide. It also relies on water systems to
voluntarily agree to improve cybersecurity. We recommended that EPA
develop a national cybersecurity strategy, assess whether it needs more
authority, and more.

Related GAO Works: GAO-24-106744, Critical Infrastructure Protection:
EPA Urgently Needs a Strategy to Address Cybersecurity Risks to Water
and Wastewater Systems

Released: August 2024


[ Text On-Screen ]

Increasing cybersecurity risks to the U.S. Water Sector

Recent Cyber Incidents highlight the vulnerability of nearly 170,000
water systems.

Congress asked GAO to review Cybersecurity-related threats to the U.S.
Water Sector & the Federal Government's efforts to address them.

What GAO Found:

- EPA has not identified & prioritized the greatest risks to the U.S.
  Water Sector

- EPA relies on a voluntary approach to improving cybersecurity

Find out more including our recommendations at GAO.gov 

[ End ]

For more info, check out our report GAO-24-106744 at: GAO.gov