I believe it was the great Irwin ‘Fletch’ Fletcher who said: “It takes a big man to admit when he’s wrong. I am NOT a big man.” Such is the case regarding EPA’s decision to postpone re-establishing public Internet access for certain highly security sensitive categories of information collected by its Risk Management Plan (RMP) Program.
As indicated in my previous post on this subject, EPA was set to disregard the counsel of the Department of Justice, water system owners/operators and security experts by posting the non-Off-site Consequence Analysis (non-OCA) sections of the water sector’s RMPs this summer.
Enter a joint letter by the nation’s major water associations opposing the agency’s decision, a spade of recent news articles highlighting the vulnerabilities that posting such data would expose and a host of correspondences from utility managers imploring EPA to secure the non-OCA information.
Two weeks later, EPA changed course.
However, while the agency says it will postpone listing the RMP info on their website, officials have yet to acknowledge the inherent dangers of publishing it and have stopped short of saying they will not post it in the future.
While I congratulate the Agency’s move to indefinitely postpone the publication of this sensitive information, I am disappointed by their inability to admit they were wrong for wanting to post it in the first place. I’m even more disappointed that the EPA won’t commit to permanently keeping it off the Internet.
So much for trying to be big about the situation…
LAST 5 POST BY L. Vance Taylor
- Amid Controversy and Scandal, Missing the Real Security Issues - June 13th, 2013
- Security for Critical Water Infrastructure – How About Some Help for the Little Guy - May 2nd, 2013
- The Politics of Fear - Is a Cyber Attack Really Imminent? - February 20th, 2013
- Water and Chemical Security - Whitman Got it Wrong - August 30th, 2012
- In the World of Cyber Security, It's Go Time - May 7th, 2012