Summary:

Hosted by JANUS Associates, this document was developed by the FBI, CISA, and the EPA in response to ongoing and increasing attacks on the US critical Infrastructure.  This 27-page guide is aimed at helping organizations in the water and wastewater (WWS) and other sectors improve their cyber resilience and incident response capabilities. Still, all organizations can benefit from the best practices within this document.

Scope & Key Points

This guide points to the need for facilities to start by building an incident response plan, raising the baseline, and engaging with the community. The guidance also says that when an incident is detected, personnel should evaluate the impacted systems, validate the attack, report it, and analyze it with federal partners, which can also aid in sharing information and mitigating the attack.

 

Additional resources related to this guide can be found here:

  • CISA’s Free Cybersecurity Services and Tools | CISA page
  • National Institute of Standards and Technology (NIST) Special Publication SP 800-61: SP 800-61 Rev. 2, Computer Security Incident Handling | NIST page
  • Cross-Sector Cybersecurity Performance Goals | CISA page