By - Jon Brown

Cybersecurity Fundamentals for Water and Wastewater Utilities
January 27-28, 2021 | Online :: Central Time

Download PDFPrint Event Details


The new Cybersecurity Fundamentals course for Water and Wastewater utility professionals will provide a general overview of cybersecurity program development. This online course will give organizational leaders a practical knowledge of basic security measures that can be implemented to address major cyber risks associated with the most common cyber-attacks.  Water and Wastewater industry leaders attending this course will learn about the most common cyber threats, specific counter measures that can be employed by any organization, and the role organizational culture plays in impacting risk mitigating activities against water and wastewater facilities’ critical infrastructure. Leaders will also develop an understanding of how people, processes and technology all work together improve cyber defense efforts.

The key take away from this course is to provide organizational leadership with knowledge needed to be able to ask their team of cyber security professionals the right questions when conducting and internal assessment of their organization’s cybersecurity posture and ability to be resilient to cyber-attacks.

Learning Outcomes

  • Analyze leading trends in next-gen cyber challenges and innovative solutions
  • Discuss social engineering tactics and business email compromise mitigation
  • Review risk management methodology and assessments
  • Communicate strategies for effective cybersecurity prioritization
  • Distinguish important information on cyber contracting and litigation



EUCI has been accredited as an Authorized Provider by the International Association for Continuing Education and Training (IACET).  In obtaining this accreditation, EUCI has demonstrated that it  complies with the ANSI/IACET Standard which is recognized internationally as a standard of good practice. As a result of their Authorized Provider status, EUCI is authorized to offer IACET CEUs for its programs that qualify under the ANSI/IACET Standard.

EUCI is authorized by IACET to offer 1.0 CEUs for this event.


Requirements for successful completion of program

Participants must login each day and be in attendance for the entirety of the course to be eligible for continuing education credit.

Instructional methods

PowerPoint presentations and open discussion


Wednesday, January 27, 2021 : Central Time

8:30 – 9:00 a.m. :: Login and Welcome

9:00 a.m. – 4:00 p.m. :: Course Timing

12:00 – 12:30 p.m. :: Lunch Break

Introduction to Cyber Threat for Water and Wastewater Utilities

  • The Most Common Cyber Threat Attack Vectors
  • Who are the attackers and what do they want
  • The Basics about Advanced Persistent Threat (APT) Teams
  • The Water ISAC Best Practices
  • Cybersecurity Policy
  • The Types of Assessments and Why You Would Use Them

Social Engineering

  • Phishing, Vishing, Smishing
  • Other Social Engineering Methods
  • Being Smart in the Digital World

Business Email Compromises

  • Definition
  • Supply Chain
  • Process Control
  • Procurement Controls
  • Email Security

Lunch Break

Open Discussion on Ransomware and Other Common Malware Variants

General Overview of Technical Counter Measures

  • Cybersecurity Hardware
  • Cybersecurity Software
  • The Cloud
  • Basic Enterprise Architecture  

General Overview of Defensive Architecture

  • Defining Zero Trust
  • Secure Access Service Edge (SASE)
  • Defense in Depth

Thursday, January 28, 2021 : Central Time

8:30 – 9:00 a.m. :: Login and Welcome

9:00 a.m. – 12:00 p.m. :: Course Timing

Basic Elements of Incident Response (Responding to Cyber Attacks)

  • Cyber Incident Management Framework
  • Communications Planning
  • Cyber Incident Walk Through

Cyber Resiliency

  • Emergency response plan
  • The Triad of Emergency Response Planning – Business Continuity, Disaster Recovery and Cyber Incident Response
  • Continuity of operations plan or disaster recovery plan
    • Crisis management teams
    • Manuel overrides and temporary manual operations
    • System redundancy

Assessing Risk and Making Risk Based Decisions

  • Cyber Risks are different from Financial, and Operational Risks
  • Using Threat, Cybersecurity Assessments, Audits and Penetration Tests 
  • Developing meaningful compensating controls
  • Creating the Realistic Risk Assessment

Establishing the Value Proposition for Cybersecurity

Wrap up and Adjourn


Jake Margolis, CISSP, Chief Information Security Officer, Metropolitan Water District of Southern California

Jake Margolis is the Chief Information Security Officer of Metropolitan Water District of Southern California. Jake is an experienced and innovative IT and cybersecurity professional and military veteran with a proven leadership background. Mr. Margolis graduated with his Bachelor of Science in Computer Applications and Networks from Coleman College. Jake has also received a master’s degree in Information Systems and Technology Management.

Online Delivery

We will be using Microsoft Teams to facilitate your participation in the upcoming event. You do not need to have an existing Teams account in order to participate in the broadcast – the course will play in your browser and you will have the option of using a microphone to speak with the room and ask questions, or type any questions in via the chat window and our on-site representative will relay your question to the instructor.

  • You will receive a meeting invitation will include a link to join the meeting.
  • Separate meeting invitations will be sent for the morning and afternoon sessions of the course.
    • You will need to join the appropriate meeting at the appropriate time.
  • If you are using a microphone, please ensure that it is muted until such time as you need to ask a question.
  • The remote meeting connection will be open approximately 30 minutes before the start of the course. We encourage you to connect as early as possible in case you experience any unforeseen problems.


Please Note: This event is being conducted entirely online. All attendees will connect and attend from their computer, one connection per purchase. For details please see our FAQ

If you are unable to attend at the scheduled date and time, we make recordings available to all registrants for three business days after the event

Event Standard RateAttendees

By clicking Accept or closing this message, you consent to our cookies on this device in accordance with our cookie policy unless you have disabled them. more information

By clicking Accept or closing this message, you consent to our cookies on this device in accordance with our cookie policy unless you have disabled them. You can change your cookie settings at any time but parts of our site will not function correctly without them. We use cookies during the registration process and to remember member settings.