Cybersecurity Tips for Water and Wastewater Utilities October 4, 2024 By Katelyn McLaughlin Security cyber threats, cybersecurity, cybersecurity tips 0 October is Cybersecurity Awareness Month! The water sector can protect its infrastructure, maintain public trust, and ensure the safety and reliability of its services by prioritizing cybersecurity. U.S. EPA has provided some tips on how to avoid cybersecurity threats and keep your utility secure. These tips are outlined below: Passwords Passwords should be at least 12 characters long, unique for each account, and complex. To make a secure password you should incorporate a mix of uppercase & lowercase letters, numbers, and special characters. If your passwords meet these criteria, they generally only need to be changed if they are compromised. It can be challenging to remember multiple passwords, so use a password manager to help. Multi-factor Authentication (MFA) MFA involves using multiple methods to verify a user’s identity, going beyond a simple login. Verification methods can include something you know, such as a password or PIN; something you are, like a fingerprint or facial scan; and something you have, like a key card or security token. Phishing Phishing occurs when criminals use fake emails or social media posts to trick users into clicking on malicious links, which can then install malware onto the system. To identify phishing attempts, ask yourself: Is it too good to be true? Does it request personal information? Does the sender’s email address match who they claim to represent? Are there any spelling or grammar errors? If you detect a phishing attempt, report it to your IT manager or security team as quickly as possible. Do not click on any links, delete the email, and use the “Report Phishing” function in your email (if available.) Update Software Updating software, or patching, involves installing updates released by the manufacturer to close known vulnerabilities and provide the latest features. Enabling automatic updates ensures updates are installed as soon as they are released, though a system restart is usually required. If automatic updates aren’t possible, regularly check for updates manually and create a schedule to make this a habit. Be cautious of fake update pop-ups that urgently demand downloads, as these can lead to malware. If you encounter such pop-ups, run a scan to check for malware. By implementing these cybersecurity tips, you can significantly enhance your protection against cyber threats. Remember, staying informed and vigilant is key to safeguarding your utility. Comments are closed.