Strengthening Cybersecurity of Water Infrastructure through Legislative Actions

Many water and wastewater utilities are vulnerable to cyberattacks and cyber intrusions. The COVID-19 pandemic has exacerbated this weakness by moving water-related employees to remote work, which has increased vulnerability to cyber threats. However, policymakers recognize the need to strengthen the cybersecurity resilience of water infrastructure, as evidenced by legislative activity. This article reviews four cases of recently adopted cybersecurity legislation at the federal and state levels. The empirical focus is on (1) the America's Water Infrastructure Act of 2018, (2) the Internet of Things Cybersecurity Improvement Act of 2020, (3) the New Jersey Water Quality Accountability Act, and (4) the New York Water Supply Emergency Plans. The legislative review recapitulates the core components of these legislative efforts to amplify strategies for securing and improving water infrastructure.