From: Our Water Counts Blog
Connecticut Governor Daniel Malloy released the state’s long anticipated Cybersecurity Action Plan for utilities that include the water sector. The Connecticut Public Utilities Regulatory Authority (PURA) began the process of developing a cybersecurity regulatory approach two years ago that has been thoughtful, risk-based and collaborative. The result is cybersecurity regulation that is both flexible and reasonable.
PURA approached its review of cybersecurity in the state’s utilities from the point of view that cybersecurity risk is multidimensional and constantly evolving. Threats come from both internal and external sources and threat actors range from nation states to criminals and from hacktivists to terrorists. Most importantly, cybersecurity is recognized as a risk management challenge requiring a collaborative effort between industry and government and “not [just] an installed system or capability.”