Cybersecurity

Can federal funding fill gaps in rural cyber preparedness?

burying cable at farm (Lakeview Images/Shutterstock.com) 

Optional caption goes here. Optional caption goes here. Optional caption goes here. Optional caption goes here.

State and local infrastructure advocates are seeking increased investments in cybersecurity resources for rural and small communities, pointing to a severe lack in staffing and federal compliance training in some parts of the country.

Sophia Oberton, special projects coordinator for the Delmar Public Works Department in Maryland, urged lawmakers to provide additional funding towards technical training and assistance programs like the Rural Water Circuit Rider Program during a Senate Environment and Public Works Committee hearing on Wednesday.

"I think what happens is when we look at the larger positions, people don't see what's going on in our small towns," Oberton said. "In small areas, you don't have enough employees to cover some of the day-to-day things that need to get done … You need to come down off that chair and come see what's really going on in our areas, and sit down and have conversations and know what the specific needs are. Because each utility is different. Each utility is not the same."

The rider circuit initiative was launched in 1980 with the goal of providing hands-on federal training and technical assistance to water utility managers and other specialists on a range of issues, including compliance with federal regulations and all other aspects of water utility management. Oberton said the program, though currently underutilized among smaller communities and utilities susceptible to cyberattacks, can provide critical cybersecurity training and technical assistance for those areas and local specialists.

However, a majority of water utilities have not even fully assessed their own IT assets, according to a June survey from the Water Information Sharing and Analysis Center (Water-ISAC) that includes responses from more than 530 organizations. Dozens of firms responded that they were "not sure" if they had experienced a cyber incident.

Other witnesses also stressed further training and funding was required in order for the federal government to move forward with its cybersecurity goals featured in President Joe Biden's executive order released in May, which outlined aggressive deadlines for all agencies and stakeholders to begin improving their cyber posture.

Shailen Bhatt, president and CEO of the Intelligent Transportation Society of America, said some water utility firms, other private contractors and federal agencies have been successful in responding to cyberattacks after taking implementing measures featured in the National Institute of Standards and Technology's cybersecurity framework.

"The playbook that I would recommend is the NIST framework for all of the stakeholders," he said. "Their framework for cybersecurity talks about identifying the threats to your system, protecting against those vulnerabilities, detecting attacks on your system, responding to them and then recovering."

About the Author

Chris Riotta is a staff writer at FCW covering government procurement and technology policy. Chris joined FCW after covering U.S. politics for three years at The Independent. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president.

Featured

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/Shutterstock.com)

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected