Cybersecurity Fundamentals for Water and Wastewater Utilities

October 25-26 | Live Streaming Online

A Program

Click Here to register $1195

If you are unable to attend at the scheduled date and time, we make recordings available to all registrants for three business days after the event

The Cybersecurity Fundamentals course for water and wastewater utility professionals will provide a general overview of successful cybersecurity program development. Designed for organizational leaders in the water and wastewater industry, this online course provides practical knowledge of basic security measures that can be implemented to address risks associated with the most common cyberattacks. 

The key take-away from this course is to provide organizational leadership with knowledge needed to be able to ask their team of cybersecurity professionals the right questions when conducting and internal assessment of their organization’s cybersecurity posture and ability to be resilient to cyberattacks. 

Register today to learn about:

  • The most common cyber threats
  • Specific counter measures that can be employed by any organization
  • The role organizational culture plays in impacting risk-mitigating activities against water and wastewater facilities’ critical infrastructure
  • Leaders will also develop an understanding of how people, processes and technology all work together to improve cyber defense efforts

Learning Outcomes

  • Analyze leading trends in next-gen cyber challenges and innovative solutions
  • Discuss social engineering tactics and business email compromise mitigation
  • Review risk management methodology and assessments
  • Communicate strategies for effective cybersecurity prioritization
  • Distinguish important information on cyber contracting and litigation




9:00 a.m. – 4:00 p.m. : CENTRAL TIME

Introduction to Cyber Threat for Water and Wastewater Utilities

  • The Most Common Cyber Threat Attack Vectors
  • Who Are the Attackers and What Do They Want?
  • The Basics about Advanced Persistent Threat (APT) Teams
  • The Water ISAC Best Practices
  • Cybersecurity Policy and IT Security Frameworks
  • The Types of Assessments and Why You Would Use Them

Social Engineering

  • Phishing, Vishing, Smishing
  • Other Social Engineering Methods
  • Being Smart in the Digital World

Business Email and other Media Compromises

  • Definition
  • Supply Chain
  • Process Control
  • Procurement Controls
  • Email Security
  • Social Media and Related Security

Lunch Break

Open Discussion on Ransomware and Other Common Malware Variants

General Overview of Technical Counter Measures

  • Cybersecurity Hardware
  • Cybersecurity Software
  • The Cloud
  • Basic Enterprise Architecture

General Overview of Defensive Architecture

  • Defining Zero Trust
  • Secure Access Service Edge (SASE)
  • Defense in Depth



9:00 a.m. – 12:00 p.m. : CENTRAL TIME

Basic Elements of Incident Response (Responding to Cyberattacks)

  • Cyber Incident Management Framework
  • Communications Planning
  • Cyber Incident Walk Through

Cyber Resiliency

  • Emergency Response Plan
  • The Triad of Emergency Response Planning – Business Continuity, Disaster Recovery and Cyber Incident Response
  • Continuity of Operations Plan or Disaster Recovery Plan
    • Crisis management teams
    • Manuel overrides and temporary manual operations
    • System redundancy

Assessing Risk and Making Risk-Based Decisions

  • Cyber Risks are different from Financial, and Operational Risks
  • Using Threat, Cybersecurity Assessments, Audits and Penetration Tests
  • Developing Meaningful Compensating Controls
  • Creating the Realistic Risk Assessment

Establishing the Value Proposition for Cybersecurity

Wrap up and Adjourn