The following products were developed through collaboration with members of the Dams Sector Government Coordinating Council and the Sector Coordinating Council, which include representatives from the public and private sector. For more information about the Dams Sector please send an email to [email protected].
On this Page:
Dam Sector Overview and Fact Sheets
Dams Sector Profile (2021)
The Dams Sector Profile highlights the diverse composition of the Dams Sector, its benefits, and effects on national security.
Dams Sector Overview (2024)
The Dams Sector comprises dam projects, navigation locks, levees, hurricane barriers, mine tailings impoundments, and other similar water retention and control facilities. Dams are vital to the nation’s infrastructure and provide a wide range of economic, environmental, and social benefits, including hydroelectric power, river navigation, water supply, flood control, and recreation. Most dams and related projects in the United States are privately owned, and a large majority is regulated by state dam safety offices. To enhance the security and resilience of the sector, public and private sector partners collaborate through the Dams Sector Partnership.
Introduction to the Dams Sector Risk Management Agency (2024)
CISA offers many resources to help owners and operators manage risks, improve security, and aid the implementation and execution of protective and response measures across the Dams Sector. This printer-friendly fact sheet lists a sampling of sector collaboration mechanisms, resources, and training materials.
HSIN-CI Dams Portal Fact Sheet (2024)
The Homeland Security Information Network—Critical Infrastructure (HSIN-CI) is the primary system through which owners and operators; the U.S. Department of Homeland Security; and other federal, state, and local government agencies collaborate to protect the nation’s critical infrastructure. Security partners use HSIN-CI to manage operations, analyze data, send alerts and notices, and, in general, share the information they need to do their jobs.
Dams Sector Web-Based Training Courses (2024)
The Cybersecurity and Infrastructure Agency, as the Sector Risk Management Agency for the Dams Sector, collaborated with sector partners to develop a series of web-based independent study (IS) training courses to provide owners and operators and response personnel an opportunity to learn at their own pace about concepts to enhance protection and resilience at sector facilities. As described in this fact sheet, these courses provide information about assessing risks to facilities, understanding common security threats and vulnerabilities, implementing effective protective programs, and improving incident response capabilities within an all-hazards framework.
Dams Sector Resources (2024)
This fact sheet provides an overview of resources available to Dams Sector stakeholders.
Technical Manuals, Flyers, and Tools
Dam Sector Landscape (2024)
There are four major focus areas for Dams Sector security and resilience risk management planning consideration. This document provides a sector-specific characterization of relevant factors and decision-making drivers within those focus areas influencing the current operating environment and security and resilience posture of Dams Sector organizations.
Dams Sector-Specific Plan (2015)
This handbook provides an overview to existing and emerging issues affecting the dams sector and provides information regarding partnerships with DHS/CISA for improving security and resilience.
Dams Sector: Crisis Management Handbook (2021)
The Dams Sector Crisis Management Handbook explains how crisis management is an important component of an overall risk management approach and highlights basic elements of planning intended to minimize the consequences of damage or failure and return dam projects to full operations. Throughout the handbook, listed resources provide owners and operators additional information to continue to learn about and apply crisis management planning principles.
Dams Sector: Active and Passive Vehicle Barriers Guide (2020)
The Dams Sector Active and Passive Vehicle Barriers Guide is intended to assist dam owners and operators with understanding various types of active and passive vehicle barriers and how to incorporate those barriers into facility security plans. The guide also provides a cursory level of technical information regarding barriers and includes references to assist owners and operators in properly designing protective schemes and selecting vehicle barriers and their appurtenant safety and security systems.
This guide is an update to the version originally published in 2010. The need for the guide was identified by the Dams Sector Security Education Workgroup, which is composed of members from the Dams Sector Coordinating Council (SCC) and the Dams Sector Government Coordinating Council (GCC). The SCC and the GCC constitute an effective partnership mechanism for public-private collaboration with the Cybersecurity and Infrastructure Security Agency (CISA) as the SectorSpecific Agency for the Dams Sector.
Dams Sector: Personnel Screening Guide for Owners and Operators (2017)
The purpose of this guide is to assist non-Federal owners and operators of dams, locks, and levees in developing and implementing personnel screening protocols appropriate for their facilities. An effective screening protocol for potential employees and contractor support can contribute to enhanced facility security by ensuring that untrustworthy individuals do not gain employment or access to sensitive facilities or information.
Roadmap to Secure Control Systems in the Dams Sector (2015)
The Dams Sector Roadmap to Secure Control Systems describes a plan for voluntarily improving cybersecurity in the Dams Sector.
Physical Security Measures for Levees (2024)
The Cybersecurity and Infrastructure Agency, as the Sector Risk Management Agency for the Dams Sector, collaborated with sector partners to develop materials to help owners and operators enhance their security posture. This fact sheet introduces foundational concepts included in those materials related to selecting and implementing security measures for levees.
Emergency Preparedness Guidelines for Levees: A Guide for Owners and Operators (2018)
Dams Sector: Waterside Barriers Guide (2017)
This guide provides sector stakeholders with information pertaining to waterside barriers and their use, maintenance, and effectiveness.
Dams Sector: Estimating Economic Consequences for Dam Failure Scenarios (2011)
This report provides information on methodologies for estimating direct and indirect economic consequences resulting from dam failure or disruption. The objective is to assist in the development of consequence assessments that are consistent and can be systematically compared across multiple owners and different jurisdictions.
Dams Sector: Estimating Loss-of-Life for Dam Failure Scenarios (2011)
This report provides information on methodologies for estimating loss-of-life resulting from dam failure or disruption.
Surveillance and Suspicious Activity Indicators Guide for Dams and Levees (2021)
The Surveillance and Suspicious Activity Indicators Guide for Dams and Levees provides dam and levee owners and operators with information on issues related to surveillance objectives, indicators of surveillance and suspicious activity, methods for reporting suspicious activity, and other actions to take to counter surveillance and suspicious activity.
Suspicious Activity Report Flyer (2011)
Dams Sector Cybersecurity Program Guidance (2016)
The Dams Sector Cybersecurity Program Guidance outlines various strategies and methods to develop or improve a basic cybersecurity program, enabling owners and operators to select cybersecurity activities and measures appropriate to their cyber assets and risk profiles. Its purpose is to promote the protection of Industrial Control Systems (ICS) and thereby improve public safety and public confidence.
Dams Sector Cybersecurity Capability Maturity Model: (C2M2) (2022)
The Dams Sector Cybersecurity Capability Maturity Model (C2M2) can help Dams Sector organizations conduct a self-evaluation to build or improve a cybersecurity program, regardless of the type or size of the organization. The Dams-C2M2 Model is the first document in the Dams-C2M2 suite, with the Implementation Guide as the companion document. The suite was updated in 2022 to incorporate up-to-date cybersecurity concepts and practices relevant to the Dams Sector.
Dam Sector Cybersecurity Capability Maturity Model (C2M2) Implementation Guide (2022)
The Dams Sector Cybersecurity Capability Maturity Model (C2M2) Implementation Guide presents a suggested approach to implementing the Dams-C2M2, including evaluating cybersecurity capabilities, communicating capability levels, and informing the prioritization of investments. Options to implement the approach, ranging from simple to complex, can be selected by the organization based on its structure; available personnel and financial resources; and current processes related to planning, gap analysis, and project management. Templates, highlighted in the guide, are accessible for tailoring via the HSIN-CI Dams Portal. Contact the Dams Sector Management Team at [email protected] for information on accessing the templates and on training related to Dams-C2M2 implementation.
Dams Sector Security Guidelines (2015)
The Dams Sector Security Guidelines consolidate effective industry security practices into a framework to help owners and operators select and implement security activities and measures that reduce risk; improve the protection of personnel, public health, and public safety; and reinforce public confidence.
Dams Sector: Cybersecurity Framework Implementation Guidance (2020)
The Framework offers a flexible way to address cybersecurity. It is applicable to organizations relying on technology, including information technology (IT), industrial control systems (ICS), cyber-physical systems (CPS), or connected devices including the Internet of Things (IoT). It complements, but does not replace, an organization’s risk management process, cybersecurity program, or related framework implementation; every organization must decide how to individually implement the Framework.
