Senate Reviews Cybersecurity Threats to US Water Systems

Rep. Mike Gallagher (R-Wis.) right, and Sen. Angus King (I-Maine) testify at Senate hearing “Addressing Cybersecurity Vulnerabilities Facing Our Nation’s Physical Infrastructure” on July 21.
*Photo by Tom Williams/CQ Roll Call Via AP Images*

Officials and water sector professionals warned of ongoing cybersecurity vulnerabilities in the nation’s water and wastewater utility infrastructure at a Senate hearing on escalating cyber attacks against U.S. utilities and water-management organizations.

“I believe that the next Pearl Harbor, the next 9/11 will be cyber, and we are facing a vulnerability in all of our systems, but water is one of the most critical and I think one of the most vulnerable,” said Sen. Angus King (I-Maine), co-chairman of the Cyberspace Solarium Commission to the Senate Environment and Public Works Committee, on July 21.

Rep. Mike Gallagher (R -Wis.) said in his testimony before the committee that 44.8% of U.S. water and wastewater utilities allocate less than 1% of their budget to the cybersecurity of their operational technologies. “This leaves the water sector vulnerable to nation, state, and criminal adversaries and insider threats and gives them the ability to disrupt our critical infrastructure,” he said.

Challenges to the water sector range from maintaining awareness of threats to assessing risks to identifying and remediating vulnerabilities. And a shortage of qualified cybersecurity professionals across the country compounds the problems, Gallagher said. King, Gallagher, committee Chairman Ben Cardin (D -Md.), and ranking member Shelley Moore Capito (R-W.Va.) all noted that the recent cyber intrusion at a water plant in Oldsmar, Fla., was typical of the type of threat the water sector faces.

John Sullivan, chief engineer of the Boston Water and Sewer Commission, said before the committee that while his organization is well-funded and has successfully fended off cyber intrusions without ever paying a ransom, the gaps in both funding and technology savvy between the larger water utilities and operators and ones operated by smaller government bodies are vast. The Boston Water and Sewer Commission is the largest and oldest water system in New England and provides drinking water and sewer services to more than 1 million people daily. “The larger cities are able to afford this, but more information, more timely information is needed,” Sullivan said. “When you get to smaller units of government, there are so many other issues competing for resources.”

Sullivan said that many system managers do not have awareness of security issues, and that many local municipalities need funding to replace outdated systems. He added that switching to newer water system management technologies and engaging in best practices will help water sector managers better understand and fend off cybersecurity threats.

Sen. Moore Capito observed that the average age of water industry professionals is over 50 and that newer recruits look at cybersecurity differently. Sullivan and several other speakers echoed the fact that most professionals in the water management sector are of an older generation. Moore Capito said she expects the committee will include cybersecurity policies in a prospective water bill, which she said the committee is beginning work on.

Looking for quick answers on construction and engineering topics?
Try Ask ENR, our new smart AI search tool. Ask ENR →

“We’re not just going to rely on smart people [who] sit in their chair for 40 years and become super experts,” says Colby Manwaring, CEO of Innovyze, a cloud-based water and wastewater systems management and optimization technology firm recently acquired by Autodesk.

Manwaring told ENR that technology upgrades could free up staff time to better focus on the challenges facing water systems, and not just cybersecurity.

“We want to automate those repetitive, somewhat predictable tasks that are taking smart people’s time, so they can come up with innovative solutions that eventually progress from manual problem solving to semi-manual to automatic,” he said. “I don’t think we’re going to run out of problems to solve in the water industry any time soon.”

ENR Associate Technology, Equipment and Products Editor Jeff Yoders has been writing about design and construction innovations for 20 years. He is a five-time Jesse H. Neal award winner and multiple ASBPE winner for his tech coverage. Jeff previously wrote about construction technology for Structural Engineer, CE News and Building Design + Construction. He also wrote about materials prices, construction procurement and estimation for MetalMiner.com. He lives in Chicago, the birthplace of the skyscraper, where the pace of innovation never leaves him without a story to chase.

Post a comment to this article

Join Groundbreaking Women in Construction (GWIC) in San Diego from June 14 to 16, 2026. This premier leadership conference brings together women across the construction industry to gain practical strategies, grow their network, and advance their careers. Learn from ENR-curated sessions, connect with trailblazing professionals, and walk away with tools that drive retention, innovation, and impact.

Live: June 23, 2026 at 2:00 pm EDT New market dynamics like competitive pressures and workforce evolutions are forcing construction companies to re-prioritize their investments. To strengthen cash flow, accelerate operations, and boost profits, learn how the focus now must be on optimizing digital transformation and financial management.