Cyberattacks on water systems are becoming a genuine concern worldwide. Technological advancements and more automation have increased the vulnerability of critical infrastructure systems, like the water supply, to sabotage. Attacks can range from theft of customer data to disruption of service or worse, injecting chemicals above desired levels. With water being critical for both human life and socio-economic development, safeguarding that water supply is vital. However, many water systems are managed by private companies, who focus on the bottom line; not seeing the investment in security to be profitable.
This has been the case in Israel, where much of the water distribution systems are managed by profit-oriented utilities. But there are other obstacles beyond the budget. In a recent study in the Journal of Water Resources Planning and Management, authorsNaama Shapira; Ofira Ayalon; Avi Ostfeld, F.ASCE; Yair Farber; and Mashor Housh, M.ASCE, seek to understand different stakeholders’ perspectives on the issue of cybersecurity in the Israeli water sector.
Their research entitled “Cybersecurity in Water Sector: Stakeholders Perspective” looks at the knowledge gaps and barriers involved. Learn more about this study, and the authors’ hypothesis that the trends and insights they obtained are similar across the world.
Read the full paper in the ASCE Library: https://doi.org/10.1061/(ASCE)WR.1943-5452.0001400
Abstract
Cyberattacks on critical infrastructure systems are becoming a significant concern. Sabotage and destruction of critical infrastructures may cause devastating impacts on physical systems, economic security, public health, and safety. The water sector is one of the most critical infrastructures, and as such, identifying and managing cyber threats on the water sector’s facilities is crucial to providing a continuous and safe supply of water. This study reports on a stakeholder engagement process conducted in the form of an active workshop that aims to show different stakeholder’s perspective on cyber threats, knowledge gaps, and barriers to implementations of cybersecurity procedures and technologies in the water sector. The workshop, demonstrated on the Israeli water and cyber sectors, brought together 45 professionals from the water and cyber sectors (government, academia, utilities, consultants, and commercial suppliers). In the cybersecurity domain, many studies focused on developing algorithms, but only a few considered the organizational and policy aspects of the problem. The present study addresses this gap and presents an example demonstrating the importance of integrating stakeholder engagement into decision making in the water domain. The workshop’s findings are summarized and analyzed to highlight top priority activity areas and suggest required actions according to the stakeholders’ perspective, which can help shape the landscape of the water sector’s cybersecurity.
Read the full paper in the ASCE Library: https://doi.org/10.1061/(ASCE)WR.1943-5452.0001400
