The U.S. Environmental Protection Agency is seeking FY 2027 budget authority to expand its Drinking Water Infrastructure Resilience Grant Program to include dedicated cybersecurity funding. The initiative enables water systems to strengthen defenses, upgrade critical infrastructure, and bolster resilience against escalating cyber threats while safeguarding the delivery of safe drinking water.
“In FY 2027, the Agency is proposing $19.1 million for the Information Security Program, an increase of $9.6 million over the FY 2026 enacted level to support responsible implementation of AI initiatives and critical cybersecurity solutions,” the EPA revealed in its ‘FY 2027 EPA Budget in Brief’ document. “This funding will allow for the necessary controls to use leading-edge technologies within the environment and prevent malicious actors from leveraging these technologies to disrupt business operations.”
The agency will continue to bolster partnerships and help states and Tribes lead decision-making processes by leveraging their unique insights and expertise to understand and resolve challenges faced by their communities. This includes offering technical assistance for critical water challenges such as restoring impaired waters, infrastructure upgrades, and cybersecurity. EPA is also committed to providing clean and safe land by accelerating the cleanup of contaminated sites, promoting land revitalization, and encouraging recycling to minimize waste.
In FY 2027, EPA is requesting $127.4 million with 519.3 FTE to support Drinking Water Programs. This includes an increase of $9 million to advance EPA’s ability to respond to water emergencies where water quality poses a risk to public health, and the water system and/or primacy agency may not be able to ensure access to safe drinking water in a timely or effective manner. In FY 2027, EPA is requesting the authority to fund a cybersecurity grant program within its existing Drinking Water Infrastructure Resilience Grant Program to help water systems build cybersecurity infrastructure to address rising threats.
The Budget document said that in FY 2027, EPA will continue to develop collaborative methods with the Intelligence Community to enhance cybersecurity across critical sectors, including water and wastewater. “The agency will also expand its secure video telecommunications capabilities and provide technical advice on biodefense and pandemic preparedness. By engaging with other federal agencies, EPA aims to ensure compliance with environmental standards, facilitating investment and economic growth while safeguarding the environment.”
The document also notes that in FY 2027, the EPA will use AI and cost-efficient technologies to transition internal paper-based and analog administrative processes into modern digital workflows. “This initiative will speed up common administrative tasks and improve internal data collection and reporting and improve cross-agency data interoperability and delivery to the public.”
Additionally, EPA will leverage AI and machine learning capabilities to assist staff with their record responsibilities, including the appropriate scheduling of electronic records. In FY 2027, EPA will invest $19.1 million with 12.3 FTE on information security projects, including $9.6 million with 1.5 FTE in new investments. These resources will increase EPA’s capacity to implement critical cybersecurity solutions, protect the Agency’s IT infrastructure portfolio, and improve EPA’s IT resiliency and limit vulnerabilities in the event of a malicious attack.
“In FY 2027, EPA requests $82.4 million total for the Drinking Water Infrastructure Resilience and Sustainability, Sewer Overflow and Stormwater Reuse Grants, Technical Assistance for Wastewater Treatment Works, and Water Infrastructure and Workforce Investment programs,” according to the EPA. “This amount includes an additional $10 million for the Drinking Water Infrastructure Resilience and Sustainability grants that will help water systems establish and build the necessary cybersecurity infrastructure to address rising threats.”
Highlighting that cyberattacks against water systems are increasing, the EPA pointed out that the disruption of drinking water and wastewater services from cyberattacks would increase the risk of waterborne diseases and fire protection failures, and jeopardize the operation of military facilities, hospitals, and manufacturers. Furthermore, $48 million total is requested for the Reducing Lead in Drinking Water and Lead Testing in Schools grant programs to address lead contamination in drinking water.
Last week, the Department of Energy’s FY 2027 budget framed cybersecurity as a core pillar of national energy security, embedding it directly within efforts to protect and modernize critical infrastructure. The request allocates US$160 million to the Office of Cybersecurity, Energy Security, and Emergency Response to enhance the security of energy infrastructure and its supply chain, while deploying experts to respond to energy crises. This underscores CESER’s role in safeguarding the grid and responding to energy-sector crises amid surging demand from data centers, AI workloads, and advanced manufacturing.
