Small Team, Big Mandate: Securing Municipal Water Systems
Cybersecurity expectations for water and wastewater systems are changing. Requirements at the federal and state level are expanding, and the control systems they cover, SCADA, PLCs, and the wider plant network, are different from the IT environments most municipal teams know well.
This session offers a clear view of where the regulations are heading and what they mean for a municipal utility. It covers the kinds of threats these systems face, the gap between general IT security and what OT environments require, and a practical, supported path for a small team to gain visibility and bring access under control.
What you will learn
- How water and wastewater cyber requirements are evolving across EPA, AWIA, NY DOH Part 5, and DEC SPDES, and what they mean for a municipal utility
- Why OT systems like SCADA, PLCs, and HMIs call for purpose-built tools rather than standard IT security approaches
- The threats these systems face today, and the common weaknesses behind recent incidents
- Where funding such as SRF and SECURE-type grants can support the work
- A phased, supported approach to gaining OT visibility and bringing access under control, without a plant redesign
Speakers
Florian Doumenc
Florian co-founded Trout Software to make Zero Trust practical for the teams running critical infrastructure. A former Google security engineer with a cybersecurity background from Harvard, he works with municipal water and wastewater operators on securing inherited OT, with the staff they have, before regulation forces the issue.
Marc Hoover
Marc is a U.S. Army Special Forces veteran whose career spans cyber, procurement, and operations management. He works with public sector teams to turn security and compliance requirements into plans they can actually execute, with the resources and timelines they have.