Cybersecurity

Customer Trust

At Xylem, we seek to inspire trust in our solutions, empowering customers to solve the world’s greatest water challenges with innovative products, services and solutions.

Our Security Strategy

Xylem is a technology company with a commitment to innovation, and the cybersecurity of our solutions through continuous improvement. Along with a risk‐based design and implementation approach, our engineering, development, and cybersecurity teams remain diligently focused on the identification and management of cybersecurity risk. Our strategy includes:

• Secure software development processes closely aligned with industry standard frameworks such as NIST CSF and ISA/IEC 62443-4-1.

• Enterprise datacenters certified to standards including ISO 27001 and SOC 2 Type II.

• Membership in:

  • Water Information Sharing and Analysis Center (ISAC)
  • Joint Cyber Defense Collaborative (JCDC) for Industrial Control Systems (ICS)
  • International Society of Automation Global Cyber Alliance (ISAGCA)
  • American Water Works Association (AWWA)
  • Common Vulnerabilities and Exposures (CVE) Numbering Authorities (CNA)
  • Forum of Incident Response and Security Teams (FIRST)

• Partnership with world-renowned cybersecurity service provider Dragos, offering co-branded incident response and prevention services to Xylem’s customers worldwide.

For more information about managing cybersecurity risks in the utility sector, please read more here.

Xylem Cybersecurity Services and Partnership

As more system operators adopt increasingly connected and integrated solutions, there is a growing need to ensure cybersecurity protections. Since cybersecurity requires a concerted effort:

• You can take advantage of our cybersecurity assessment services to help keep your system secure.
• You are encouraged to use generally accepted IT and cybersecurity best practices.
• For information about reporting an incident involving water resources, please visit https://www.waterisac.org/report-incident.

We thank you for your partnership in ensuring the confidentiality and integrity of data, products, and systems.