WaterISAC Quarterly Incident Survey (April 1 - June 30, 2026)

Intro

You may complete the survey until the deadline of 11:59 PM on Friday, July 24. This survey can be completed more than once, in case your utility has more than ten incidents to report in either the physical security or cybersecurity categories.

WaterISAC encourages participants to obtain incident information from others in their organization if possible, or to provide them the survey link to fill out separately. This is especially the case if the participant's responsibilities do not include tracking the kinds of incidents asked about in this survey.

Questions with an asterisk (*) require an answer.
What will WaterISAC do with your response?

Only WaterISAC staff will see your response. Staff will aggregate the information you submit with that of other respondents, providing numerical totals and details of incidents and suspicious activities that have occurred at water and wastewater utilities nationwide and internationally to be presented in its analyses and products, including the upcoming Quarterly Water Sector Incident Summary. When presenting a specific piece of information provided by a utility in WaterISAC's analyses and products, staff will maintain the confidentiality of the utility. Staff will not divulge the utility's name, the names of its personnel, its location, or other details that could be used to clearly attribute the information to the utility. The following is an example of how staff might share a specific piece of information provided by a utility: "A large drinking water utility reported its website was defaced by possible supporters of the Islamic State."

The primary product WaterISAC develops using the information - the Quarterly Incident Report - will be marked TLP:AMBER+STRICT. Recipients may share TLP:AMBER+STRICT information only with members of their own organization on a need-to-know basis to protect their organization and prevent further harm. WaterISAC may use individual incidents or statistics in other products, such as presentations, marked at different TLP levels but will still maintain the confidentiality of utilities. For more information on the Traffic Light Protocol (TLP), visit this Cybersecurity and Infrastructure Security Agency webpage: https://www.cisa.gov/tlp.

WaterISAC will share the analyses and products it develops using the information provided via the survey with its members and partners, which include federal (e.g., EPA and DHS), state, and local government entities and sector associations. For all entities it shares its analyses and products with, WaterISAC will maintain the confidentiality of the utilities who provided information. This policy applies regardless of whether the utility is a member or non-member. What’s more, as a private organization, WaterISAC is not subject to public disclosure laws.

May WaterISAC have your permission to use the information you provide in an aggregated and confidential format in upcoming analyses and products to be shared with other members and partners?
(Required.)