Get Full Government Meeting Transcripts, Videos, & Alerts Forever!

State audit warns drinking-water systems are vulnerable to cyberattacks; committee refers cybersecurity audit to interim committees

Utah State Legislative Audit Committee · January 30, 2026

AI-Generated Content: All content on this page was generated by AI to highlight key points from the meeting. For complete details and context, we recommend watching the full video. so we can fix them.

Summary

Auditors told the Legislative Audit Committee that many community water systems lack incident-response plans and governance attention to cybersecurity; the audit cited a 2023 Utah ransomware event and recommended requiring systems to adopt cyber best practices; the legislature referred the matter to interim committees for review.

Auditors presented a performance audit examining cybersecurity for drinking-water systems and said operational-technology (OT) devices that monitor pumps, valves and chemical dosing create exploitable vulnerabilities.

The audit team cited a 2023 Utah municipal ransomware incident that locked operators out of control systems and required weeks of manual operation and equipment replacement, and a Florida breach where attackers changed sodium…

Already have an account? Log in

Subscribe to keep reading

Unlock the rest of this article — and every article on Citizen Portal.

Unlimited articles
AI-powered breakdowns of topics, speakers, decisions, and budgets
Instant alerts when your location has a new meeting
Follow topics and more locations
1,000 AI Insights / month, plus AI Chat

See memberships

30-day money-back on paid plans