Serving large communities comes with a never-ending list of challenges, compliance being a core obstacle for many organizations. On October 23, 2018, America’s Water Infrastructure Act (AWIA) was added to the mix, mandating water systems serving more than 3,300 people conduct risk and resilience assessments and develop or update emergency response plans (or potentially face a penalty of up to $25,000 per day for non-compliance).
For many organizations, compliance means pressure — in the form of deadlines, penalties, and reputational risk associated with noncompliance. Securance is committed to helping water utilities hurdle these obstacles with ease.
We are experts in all of AWIA’s cybersecurity requirements, and in the IT and operational technology (OT) systems water utilities depend on to deliver critical services. Your final report will not only help you achieve compliance, but will also set you on the path to truly secure cyber infrastructure.
Our risk and resilience assessment service includes:
We review the design and operating effectiveness of security controls across the technology environment, then perform a gap analysis against NIST standards, including the Cybersecurity Framework and Special Publications 800-53 and 800-82.
We conduct vulnerability and penetration tests of external and internal networks and applications, as well as detailed configuration reviews of firewalls, network devices, and operating systems.
We review the security posture of the operational technology (OT) environment, including industrial control systems (ICS), distributed control systems (DCS), supervisory control and data acquisition (SCADA) systems, and advanced metering infrastructure (AMI).
We review and, as necessary, update the cyber ERP, including disaster recovery and incident response components.
To learn more about our services and start your journey towards AWIA compliance, download our slip sheet or contact us today.
Your organization already has security measures in place for your IT systems, but are you sure they are protecting your systems? The majority of security breaches take months — or even years — to discover. Even with security measures in place, your systems can harbor hidden vulnerabilities that attackers can exploit.
Business leaders hesitate to invest in governance because they think of it as an optional expense. IT leaders resist governance because they assume it will result in micromanagement. However, when properly designed and implemented, IT governance makes life easier for both sides.
As technology becomes more advanced, regulations become more complicated.
