CISA, DC HSEMA and Regional Partners Conduct Exercise to Ensure National Capital Region Water Service Resilience

WASHINGTON, DC – The Cybersecurity and Infrastructure Security Agency (CISA),  DC Homeland Security Emergency Management Agency (HSEMA) the Metropolitan Washington Council of Governments (COG), hosted a water system tabletop exercise (TTX) yesterday in the National Capital Region (NCR). The exercise focused on incident information sharing procedures and emergency response and recovery operations related to a hypothetical incident around local water systems as well as mechanisms to help keep the public’s drinking water safe.  

The exercise was not in response to any specific threat and there have been no significant security incidents or changes to the threat or the risk environment impacting the NCR water systems. Rather, this exercise supported the long-standing regional efforts, led by COG, the Interstate Commission on the Potomac River Basin (ICPRB), local emergency management agencies, major water providers, and other water and wastewater utilities to periodically review and improve the preparedness and resilience of the region’s water service systems. The Environmental Protection Agency (EPA), the Sector Risk Management Agency for the Water and Wastewater Sector, supported the exercise. Overall, the exercise contributed to federal goals that strengthen water system resilience locally, regionally, and nationally.

“Drinking water and wastewater systems are an essential community lifeline. A large portion of Water Sector functions are based in the digital world as well as deeply rooted in critical physical infrastructure. It is important to protect these systems from any form of attack to maintain their vital operations,” said Regional Director Bill Ryan, CISA Region 3. “Opportunities to train and exercise emergency plans as a team with our state and local partners allow us to collectively identify ways to keep the public safe, become more resilient and harden our capabilities through proactive multi-agency collaboration, coordination and strategic resource management before an incident happens.”

The exercise provided invaluable feedback to more than a dozen agencies regarding a variety of complex scenarios relevant to their roles and responsibilities. Specifically, the NCR Water TTX tested responses to water system threats focusing on the interconnectedness of water utilities, incident response, continuity plans, customer support, water distribution, and public messaging.

“Planning and preparing for incidents that have significant impacts on public health and safety are only one part of ensuring readiness to respond efficiently. Exercises are the other crucial aspect of testing our plans to improve our ability to successfully address and mitigate the impacts of water system incidents,” said Clint Osborn, Interim Director of HSEMA. “We are collaborating with our local, state, and federal partners so we can hit the ground running when we are faced with incidents that threaten our critical infrastructure.”

Exercises like this one are part of CISA’s continual outreach with public and private sector partners. CISA conducts dozens of exercises per year and actively engages with entities including but not limited to municipalities, sports leagues, critical infrastructure partners, schools, and other organizations around the country to develop and exercise response plans for all potential threats in today’s complex security environment. Individually, CISA and HSEMA participate in various exercises throughout the year on multiple levels and scales. From a national perspective, CISA has staff strategically positioned throughout the U.S. to advise on ways to enhance security and resilience. Every citizen is encouraged to speak up if they see something suspicious. If you see something, say something. Additional resources and tools are available on the agency’s website through its Hometown Security initiative.

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on Twitter, Facebook, LinkedIn, Instagram.