Developments in improved monitoring, asset management and resource efficiencies led to the water industry promising a step-change in the design and operation of these facilities: the “blending” of traditional engineering equipment with digital technologies. These apparent benefits inevitably produce new challenges of regulating an emerging techno-political landscape. One of the regulations is Europe’s Network and Information Systems Security Directive which aims to improve cyber security across critical infrastructure providers. This paper focuses on the implementation of NIS in the context of the water sector in England. At the national and supranational levels, NIS acts as a boundary object that gathers diverse communities of practice without the need to establish common goals. Further, in the process of transposing the Directive into the sectoral context, NIS requires interpretation by expert communities. We show how translating the regulatory scope to the sectoral landscape involves prioritizing some water governance goals over others. As diverse expert communities converge in their collaboration practices, their priorities align or stand in tension with public interests. We argue that cyber security regulations have potential to reconfigure water governance by refocusing strategic priorities away from traditional concerns of environmental governance. We suggest ways to maintain diverse collaborations across engineering, computing and water expertise that NIS implementation remains aligned with the goals of water governance.
|Journal||Regulation and Governance|
|Publication status||Accepted/In press - 17 Jun 2021|
- cyber security
- critical infrastructure