Industrial controls governing water-related U.S. critical infrastructure are woefully under-estimated as cyberattack targets. The potential for attack is too great to ignore, with potentially devastating consequences. On Wednesday, the Center on Cyber and Technology Innovation (CCTI) and the Cyberspace Solarium Commission (CSC 2.0) released policy statements based on a recent panel discussion titled “Strengthening the Cybersecurity of American Water Utilities.” Water may be the greatest vulnerability in our national infrastructure, said Samantha Ravich, chair of CCTI. Much of the problem lies in just how decentralized water systems are, she explained. “Each of these systems operates in a unique threat environment, often with limited budgets and even more limited cybersecurity personnel to respond to these threats,” she said. “Conducting federal oversight of, and providing sufficient federal assistance to, such a distributed network of utilities is inherently difficult.” Panelists included representatives from government and environmental agencies, including the Environmental Protection Agency (EPA), American Water Works Association and congresspersons within the United States House of Representatives.