Featuring Tom Mehr, Vice President, Preferred Controls
As water and wastewater systems become more connected and automated, cybersecurity is quickly moving from a technical concern to an operational priority.
Tom Mehr, Vice President of Preferred Controls, has spent more than a decade working at the intersection of controls, automation and system integration. Since joining the company in 2010, he has helped utilities design, secure and maintain the SCADA systems that keep essential infrastructure running 24/7. Today, as part of the Preferred Controls team serving communities across the region, Tom is seeing cybersecurity emerge as one of the most important issues facing utilities of all sizes.
At the center of the challenge is increased connectivity. Modern systems allow operators to remotely monitor water towers, pumps and alarms — often from home or on mobile devices. While that access improves efficiency and response time, it also creates new security considerations.
“Any time you allow remote access into a system, you have to think about how it’s protected,” Tom explains.
Most threats today are not targeted attacks but automated attempts by software scanning networks for vulnerabilities. In many cases, the bigger risk comes from inside — clicking a malicious email link, using weak passwords or failing to keep systems updated. As automation expands, utilities are also seeing more guidance and security audits from state and federal agencies, with stronger cybersecurity expectations likely ahead.
So, what should utilities focus on right now? Tom points to a few practical priorities:
- Use secure remote access, including VPN protection and multi-factor authentication
- Keep operational systems separated from business and email networks whenever possible
- Train staff to recognize phishing and suspicious links
- Keep SCADA and operations computers updated with current security patches
Many communities, he notes, simply need a clear plan. “The goal isn’t perfection — it’s reducing risk and staying ahead of potential vulnerabilities.”