Lawmakers want to expand USDA's Circuit Rider program to cover cyber
A new bill would allow small water utilities to obtain funds for cybersecurity consults.
A bipartisan group of lawmakers on the House Agriculture Committee wants to expand a government program that helps supply technical expertise to small, rural water systems to cover cybersecurity assistance.
The Cybersecurity for Rural Water Systems Act of 2023 from Reps. Don Davis, D-N.C., and Zachary Nunn, R-Iowa, would expand USDA's Circuit Rider program and authorize funding to put technical cybersecurity assistance in place in all 50 states to mitigate existing risks, develop plans to prevent future cyberattacks directed at water systems and report on the cybersecurity of small, rural water systems nationwide. Reps. Angie Craig, D-Minn., and Abigail Spanberger, D-Va., have also signed on as sponsors of the legislation.
The bill authorizes $7.5 million per year over five years to pay for cybersecurity assistance via the Circuit Rider program, which covers public, non-profit and tribal water facilities that serve populations of 10,000 or less.
"The reality is that Iowa’s water supply could be devastated by a single cyberattack right now, so improving the cybersecurity of our water systems must be a top priority," Nunn said in a statement. "Unfortunately, the changes that are needed to keep our water supply safe are often cost prohibitive for smaller rural communities."
Davis stressed the link between rural water supplies and the nation's agriculture, saying, "we must ensure our water systems rural communities and farmers rely on have the necessary protections to successfully guard against cyberattacks."
There are other efforts underway to find funding and capacity for tackling the cybersecurity risks faced by small water systems. A bicameral bill from Sen. Ed Markey, D-Mass, and Rep. Jan Schakowsky, D-Ill., seeks $10 million in grant funding to support participation by small water systems in the Water Information Sharing and Analysis Center through a grant program run by the Environmental Protection Agency.
Additionally, the EPA announced in March plans to identify cybersecurity gaps in public water systems by adding cyber risk assessments to required annual sanitary surveys submitted by states covering public water systems inside their jurisdictions. That announcement was made on the heels of the release of the National Cybersecurity Strategy.