US representatives and senators this week reintroduced a bipartisan bill to boost the cybersecurity of rural water systems by expanding the existing Circuit Rider Program.
The bill, titled the Cybersecurity for Rural Water Systems Act, was introduced in the House by congressmen Don Davis (NC-01) and Zachary Nunn (IA-03), and in the Senate by senators Catherine Cortez Masto (D-Nev) and Mike Rounds (R-SD).
According to the senators who reintroduced the bipartisan legislation, only 20% of the water and wastewater systems across the US are protected from cyber threats now. The bill aims to fundamentally change that.
The Cybersecurity for Rural Water Systems Act of 2025 updates and expands the Circuit Rider Program, which provides technical assistance to rural water system entities serving areas with populations of 10,000 or less.
The legislation adds cybersecurity technical assistance to the program, and authorizes funding for hiring a circuit rider – cybersecurity experts who will ensure small water and wastewater systems are protected from cyber threats.
By establishing a cybersecurity circuit rider program, it aims to assist small water utilities in creating cyber protection and prevention plans, and reporting on the cybersecurity of their systems, through ongoing education, training, and technical assistance.
Amending the Consolidated Farm and Rural Development Act, the bill ensures that entities that operate rural water or wastewater systems can assess their cybersecurity preparedness, address inadequate cybersecurity protection plans, receive funding, and adequately report on their stance and progress.
“The Cybersecurity for Rural Water Systems Act of 2025 will create ‘Circuit Rider’ cybersecurity specialists who will directly deliver onsite training and technical assistance to rural utilities across our nation that lack the technical, financial, and managerial resources and in-house expertise to defend themselves from cyber threats,” National Rural Water Association CEO Matt Holmes said.
The bipartisan bill was initially introduced in 2023, but did not pass the 118th Congress.
Related: House Passes Bill Requiring Federal Contractors to Implement Vulnerability Disclosure Policies
Related: American Water Confirms Hack: Customer Portal and Billing Services Suspended
Related: Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity
Related: California Advances Landmark Legislation to Regulate Large AI Models
