Water Cybersecurity Enhancement Act of 2025
- Bill Number
- H.R. 5868
- Origin Chamber
- House
- Congress
- 119th Congress, Session 1
- Policy Area
- Environmental Protection
- Status
- Introduced
- Latest Action
- 2025-10-28: Referred to the House Committee on Energy and Commerce.
- Last Updated
- 2026-01-17T09:05:50Z
AI-Generated Summary
Purpose
The Water Cybersecurity Enhancement Act of 2025 aims to strengthen the cybersecurity of public water systems in the United States by amending the Safe Drinking Water Act. It expands a federal grant program to include funding for training on protecting water infrastructure from cyberattacks and responding to them, helping to make drinking water supplies more secure and resilient against digital threats.
Key Provisions
- Extension of Grant Program: Authorizes grants under the Drinking Water Infrastructure Risk and Resilience Program from fiscal years 2026 through 2031 (previously limited to 2020 and 2021).
- Eligible Activities: Allows grants to fund participation in training programs, as well as the purchase of training manuals and guidance materials, focused on security and resilience. This specifically includes:
- Protecting community water systems (public utilities that provide drinking water to households and businesses) from cyberattacks.
- Responding effectively to cyberattacks.
- Administration: The program is managed by the Environmental Protection Agency (EPA), which awards grants to help water systems assess and address risks.
Significant Changes to Existing Law
- Updated Authorization Period: Shifts the program's funding eligibility from the expired years of 2020 and 2021 to a new six-year window (2026–2031), reviving and extending the initiative.
- Expanded Scope: Replaces a previous subparagraph on eligible activities to explicitly incorporate cybersecurity training and resources, broadening the program's focus beyond general physical and operational risks to include digital threats like hacking or ransomware attacks on water treatment and distribution systems.
Potential Impacts
- On Government Agencies: The EPA will need to allocate resources for grant administration, potentially increasing oversight and technical support for water utilities. This could enhance federal coordination on critical infrastructure protection.
- On Citizens: Improves the safety and reliability of public drinking water by reducing the risk of disruptions from cyberattacks, which could otherwise lead to contamination, shortages, or service outages affecting public health and daily life.
- On International Relations: Minimal direct impact, though it indirectly bolsters U.S. critical infrastructure resilience, which could influence global discussions on cybersecurity norms for essential services like water supply.
Main Stakeholders Affected
- Community Water Systems: Public utilities serving over 90% of Americans, who can now access federal funding for cybersecurity training to better safeguard operations.
- Local Governments and Water Operators: Benefit from enhanced training resources, enabling them to build expertise in cyber defense without bearing full costs.
- Federal Agencies: Primarily the EPA, which implements the program, and potentially the Department of Homeland Security, which advises on cybersecurity for critical infrastructure.
- Citizens and Communities: End-users who rely on safe drinking water, gaining indirect protection from cyber-induced vulnerabilities.
Notable Legal, Constitutional, or Political Implications
- Legal Implications: Reinforces the Safe Drinking Water Act's framework by integrating modern cybersecurity needs into existing risk management tools, without creating new regulatory burdens. Grants are voluntary, so no mandates on water systems.
- Constitutional Implications: Aligns with Congress's authority under the Commerce Clause to regulate interstate environmental and infrastructure matters; no apparent conflicts with federalism, as it provides optional federal support to state and local entities.
- Political Implications: Addresses rising concerns over cyberattacks on U.S. infrastructure (e.g., recent incidents targeting utilities), signaling bipartisan priority on national security. By extending funding, it promotes proactive defense against evolving threats, potentially setting a precedent for similar expansions in other sectors like energy or transportation.
This summary was generated by AI and may contain inaccuracies. Refer to the official source document for the authoritative text.
Sponsor
Rep. Wilson, Frederica S. [D-FL-24]
Cosponsors (9)
Del. Moylan, James C. [R-GU-At Large], Rep. Mann, Tracey [R-KS-1], Rep. Thompson, Bennie G. [D-MS-2], Rep. Fields, Cleo [D-LA-6], Del. Norton, Eleanor Holmes [D-DC-At Large], Rep. Davis, Danny K. [D-IL-7], Rep. Sykes, Emilia Strong [D-OH-13], Rep. Williams, Nikema [D-GA-5], Rep. Fitzpatrick, Brian K. [R-PA-1]
Recent Actions
- 2025-10-28: Referred to the House Committee on Energy and Commerce.
- 2025-10-28: Introduced in House
- 2025-10-28: Introduced in House
Bill Versions
- Water Cybersecurity Enhancement Act of 2025 — issued 2025-10-28 — PDF (2 pages)