In a significant move to fortify critical infrastructure against escalating cyber threats, the small city of Mission, Texas, has become a crucial pilot site for an innovative cybersecurity training program. Developed by the Cybersecurity for Manufacturing Innovation Institute (CyManII) at The University of Texas at San Antonio (UTSA), this initiative equips water treatment facilities with the essential tools and practiced responses needed to defend against sophisticated digital attacks. This development is part of a larger, trending effort in Texas to enhance state-wide cybersecurity resilience.
The Pervasive Threat to America’s Water Systems
America’s water and wastewater systems are increasingly recognized as prime targets for cybercriminals and nation-state actors. A 2024 report from the Environmental Protection Agency’s (EPA) Office of Inspector General revealed that over 300 water systems, serving more than 100 million people, are at significant risk of cyberattacks. Alarmingly, a more recent assessment indicated that over 70% of surveyed water systems failed to meet baseline EPA cybersecurity standards, exposing them to potentially crippling vulnerabilities.
These systems often rely on aging infrastructure and complex Supervisory Control and Data Acquisition (SCADA) systems, making them susceptible to exploitation. Attacks can range from ransomware that disrupts billing and customer service portals to sophisticated intrusions that tamper with operational technology (OT). Such disruptions can lead to service outages, compromise public health through water contamination, or cause irreparable physical damage to vital infrastructure. Real-world incidents, including ransomware attacks on Veolia North America and Southern Water, underscore the urgent need for enhanced security measures. In Texas itself, multiple water and wastewater plants have experienced cyber intrusions, highlighting the immediate risk within the state.
CyManII and UTSA: Leading the Charge in Cyber Defense
The Cybersecurity for Manufacturing Innovation Institute (CyManII), a Department of Energy institute based in San Antonio, Texas, is at the forefront of developing solutions. In collaboration with The University of Texas at San Antonio (UTSA), known for its robust cybersecurity research and education programs, CyManII has engineered a comprehensive cyber training program. This program is designed to bridge the gap between theoretical knowledge and practical application, allowing critical infrastructure organizations to simulate real-world attack scenarios and refine their defense strategies.
The training offers a flexible, “a la carte” selection of modules, including simulated cyberattack exercises, in-depth cyber risk assessments, and participation in the Cyber Readiness Program (CRP). The CRP, developed in partnership with the Cyber Readiness Institute (CRI), focuses on human behavior and provides organizations with actionable checklists, policy templates, and training materials to foster a culture of cybersecurity. UTSA’s long-standing commitment to cybersecurity, through initiatives like its Center for Infrastructure Assurance and Security (CIAS), further bolsters the effectiveness of these training efforts.
Mission, Texas: A Proving Ground for Preparedness
The water treatment facility in Mission, Texas, a city located near the Texas-Mexico border, was selected as a pilot site for this critical training. City officials recognized the program as a vital opportunity to strengthen their cybersecurity posture and equip personnel with the necessary tools to respond effectively to future cyber threats. The two-day pilot exercise involved both technical teams and leadership, allowing them to test existing incident response plans and make crucial decisions in real-time.
Andy Garcia, assistant city manager of Mission, emphasized the program’s value, stating, “This is the first comprehensive exercise that we did in emergency management specifically focused on cybersecurity.” He added, “I would recommend [this training] to other cities because it allows you to take your disaster recovery plan and put it to use. It lets you see how you’re able to stick to your policies and procedures. You want to make decisions quickly. It would be beneficial to every city”. This hands-on approach, focusing on both immediate technical responses and strategic leadership decisions, aims to build resilience against increasingly sophisticated threats.
Texas’s Broader Cybersecurity Offensive
The initiative in Mission is part of a larger, trending strategic push within Texas to enhance its cybersecurity defenses. Governor Greg Abbott has declared cybersecurity an emergency legislative priority, recognizing the escalating sophistication and frequency of global cyber threats. A significant development is the impending establishment of the Texas Cyber Command (TCC), a centralized authority mandated by House Bill 150, to safeguard the state’s public agencies and critical infrastructure.
Headquartered in San Antonio and leveraging the extensive cybersecurity expertise of UTSA, the TCC will coordinate cyber defenses across all levels of government, anticipate and detect threats, and foster cybersecurity awareness and training. This move signifies Texas’s commitment to building a robust, proactive defense infrastructure to protect vital sectors, including energy, transportation, and water, from adversarial actions by foreign adversaries and cybercriminals. The state’s investment in institutions like CyManII and its collaboration with UTSA are key components in this comprehensive strategy to secure the state’s digital future.
Securing the Future, One Town at a Time
The cybersecurity training pilot in Mission, Texas, represents a vital step in a broader national effort to protect critical infrastructure. By providing practical, hands-on experience and fostering a proactive cybersecurity culture, programs like CyManII’s are indispensable in preparing communities for the inevitable challenges of the digital age. As threats continue to evolve, such initiatives are paramount to ensuring the security and resilience of essential services across Texas and the nation.
