15 Cybersecurity Fundamentals

for Water and Wastewater Utilities

Great list originally published by WaterISAC on the 15 Cybersecurity Fundamentals for Water and Wastewater Utilities. Easy to consume info-share for those looking for high-level guidance:


  1. Perform Asset Inventories

  2. Assess Risks

  3. Minimize Control System Exposure

  4. Enforce User Access Controls

  5. Safeguard from Unauthorized Physical Access

  6. Install Independent Cyber-Physical Safety Systems

  7. Embrace Vulnerability Management

  8. Create a Cybersecurity Culture

  9. Develop and Enforce Cybersecurity Policies and Procedures

  10. Implement Threat Detection and Monitoring

  11. Plan for Incidents, Emergencies, and Disasters

  12. Tackle Insider Threats

  13. Secure the Supply Chain

  14. Address All Smart Devices (IoT, IIoT, Mobile, etc.)

  15. Participate in Information Sharing and Collaboration Communities

Jego Logo (Medium 1000ppi) (v0.1).gif