NIS2 Directive · Multi-AI Analysis · Public Report
The SCADA System Is the Attack Surface.
A municipal drinking water utility. Annex I essential entity. OT and IT systems increasingly connected. NIS2 imposes specific cybersecurity obligations — and the threat landscape for water systems has been escalating since 2021.
Published May 23, 2026 · Xi AI
The Question Submitted to Three AI Systems
We operate a municipal drinking water utility serving 180,000 residents. Our SCADA systems control water treatment and distribution. IT and OT networks have become increasingly integrated over the past five years. What specific NIS2 cybersecurity obligations apply to us, and how do they address OT/SCADA security specifically?
Where All Three Systems Agree
Confirmed without contradiction across AI1, AI2 and AI3:
- Drinking water supply and distribution is listed in NIS2 Annex I as an essential sector, regardless of size. A municipal water utility serving 180,000 residents is an essential entity by definition.
- NIS2 Article 21 risk management measures explicitly include "security of network and information systems, including physical security and resilience" — OT/SCADA systems are in scope.
- NIS2 Article 21(2)(e) requires entities to assess supply chain security, including third-party vendors providing OT systems, SCADA software, and industrial control systems.
- Incident reporting obligations (24h early warning, 72h notification) apply to any significant incident affecting service delivery — a water quality manipulation event or distribution disruption would trigger reporting to both the NIS2 competent authority and potentially the drinking water supervisory authority.
- The threat landscape is specific: since 2021 (Oldsmar, Florida; Midwest US incidents; European water utility attacks in 2024-2025), water utilities have been explicitly targeted. ENISA has issued specific guidance for the water sector.
The water utility did not need NIS2 to know it was a target. NIS2 gave regulators the authority to verify that the utility had acted on what it knew.
Where the Three Systems Diverge
AI1 — Claude
AI1 focuses on the IT/OT convergence problem as the central NIS2 challenge for water utilities. Classic SCADA security assumed air-gapping — physical separation between OT and IT networks. The past five years of IT/OT integration have destroyed that assumption for most utilities. NIS2 Article 21's requirement for "security of network and information systems" applies across both IT and OT environments, but most water utilities have established IT security programmes and treat OT security as an afterthought. AI1 argues the primary compliance gap is OT asset inventory and vulnerability management: most water utilities cannot tell regulators what OT devices they operate, what software versions they run, or what patches are available. Without this foundation, Article 21 risk management measures are impossible to implement meaningfully.
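The OT asset inventory AI1 describes (and restates in its full response in the appendix) is concrete enough to show as code. The following is an added example written for this report, not code from any of the AI systems, from a vendor, or from a real utility: a minimal inventory record with a gap check for the conditions AI1 names (unknown firmware, unknown or expired vendor support status, network peers that are not in the inventory, and OT devices linked directly to the IT zone rather than through a jump host), plus a per-vendor summary of the kind the Article 21(2)(d) supplier assessment raised by AI3 needs. Every device record, vendor name, zone label and field name is constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional, Tuple


@dataclass
class OTAsset:
    """One inventory record. Field names are this example's own convention."""
    asset_id: str
    kind: str                      # e.g. PLC, RTU, HMI, EWS (engineering workstation), jump-host
    vendor: str
    firmware: Optional[str]        # None = nobody can say what version it runs
    zone: str                      # "OT", "DMZ" or "IT"
    connected_to: List[str] = field(default_factory=list)   # asset_ids of direct network peers
    vendor_support_until: Optional[date] = None              # None = support status unknown
    vendor_publishes_advisories: bool = False                # does the vendor publish CVEs/advisories?
    sbom_received: bool = False                              # has the vendor supplied an SBOM?


# Constructed sample inventory: all identifiers and vendor names are fictitious.
SAMPLE_INVENTORY = [
    OTAsset("PLC-01", "PLC", "AcmeControls (constructed)", "4.2.1", "OT",
            ["HMI-01"], date(2027, 1, 1), True, False),
    OTAsset("HMI-01", "HMI", "AcmeControls (constructed)", "4.2.1", "OT",
            ["PLC-01"], date(2027, 1, 1), True, True),
    OTAsset("PLC-02", "PLC", "LegacyWater (constructed)", None, "OT",
            ["EWS-01", "RTU-07"], None, False, False),
    OTAsset("EWS-01", "EWS", "LegacyWater (constructed)", "3.0", "OT",
            ["PLC-02", "JUMP-01", "CORP-FS"], date(2020, 6, 30), False, False),
    OTAsset("JUMP-01", "jump-host", "CorpIT (constructed)", "22.04", "DMZ",
            ["EWS-01"], date(2028, 4, 1), True, True),
    OTAsset("CORP-FS", "file-server", "CorpIT (constructed)", "1.8", "IT",
            ["EWS-01"], date(2027, 12, 31), True, True),
]


def find_gaps(assets: List[OTAsset], today: date) -> List[Tuple[str, str]]:
    """Return (asset_id, gap) pairs for conditions that block meaningful risk management."""
    by_id = {a.asset_id: a for a in assets}
    gaps: List[Tuple[str, str]] = []
    for a in assets:
        if a.firmware is None:
            gaps.append((a.asset_id, "unknown-firmware"))
        if a.vendor_support_until is None:
            gaps.append((a.asset_id, "unknown-support-status"))
        elif a.vendor_support_until < today:
            gaps.append((a.asset_id, "out-of-support"))
        if not a.vendor_publishes_advisories:
            gaps.append((a.asset_id, "no-vendor-advisories"))
        if a.zone == "OT":
            for peer_id in a.connected_to:
                peer = by_id.get(peer_id)
                if peer is None:
                    # A device we talk to but have never inventoried
                    gaps.append((a.asset_id, f"uninventoried-peer:{peer_id}"))
                elif peer.zone == "IT":
                    # OT device reachable from IT without passing through the DMZ / jump host
                    gaps.append((a.asset_id, f"direct-it-link:{peer_id}"))
    return gaps


def supplier_summary(assets: List[OTAsset]) -> Dict[str, dict]:
    """Per-vendor view for the supplier assessment: asset count, SBOMs missing, advisories."""
    summary: Dict[str, dict] = {}
    for a in assets:
        s = summary.setdefault(a.vendor, {"assets": 0, "missing_sbom": 0, "publishes_advisories": True})
        s["assets"] += 1
        if not a.sbom_received:
            s["missing_sbom"] += 1
        s["publishes_advisories"] = s["publishes_advisories"] and a.vendor_publishes_advisories
    return summary


if __name__ == "__main__":
    for asset_id, gap in find_gaps(SAMPLE_INVENTORY, date(2026, 5, 23)):
        print(f"{asset_id:8} {gap}")
    for vendor, s in supplier_summary(SAMPLE_INVENTORY).items():
        print(vendor, s)
```

Run against the constructed inventory, the check leaves the two AcmeControls devices clean and reports seven gaps on the LegacyWater equipment: the PLC with unknown firmware, unknown support status and an uninventoried RTU peer, and the engineering workstation that is out of support and has a direct link to a corporate file server in the IT zone. The vendor summary is what a utility would attach to its supplier assessment record: which vendor never supplied an SBOM and which publishes no advisories.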
AI2 — Gemini
AI2 focuses on the dual-authority notification complexity. When a significant cyber incident affects a water utility, NIS2 notification goes to the cybersecurity competent authority (CSIRT/national NIS2 authority). But a water quality or supply disruption simultaneously triggers obligations to the drinking water supervisory authority — a different regulator with different reporting requirements and different incident definitions. AI2 argues that the two notification frameworks are not synchronized: a ransomware attack that does not affect water quality may be a significant NIS2 incident but not a drinking water regulatory incident; a pump failure caused by a cyberattack that does affect supply is both. Water utility compliance teams need a dual-track reporting protocol that operates across both frameworks simultaneously.
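A dual-track reporting protocol of the kind AI2 recommends can be written down as a decision rule with a named owner and a deadline per step, so that the question "who notifies whom, by when" is answered before the incident. The example below is added here and is not from any of the three AI responses. It uses the 24h/72h/1-month NIS2 Article 23 cascade as stated in this report, approximates one month as 30 days counted from the 72-hour notification, and uses a labelled placeholder for the drinking water authority deadline, which the report does not state. The owner names, the incident fields and the sample incidents are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

# NIS2 Article 23 cascade as summarised in the report (24h / 72h / 1 month).
NIS2_EARLY_WARNING = timedelta(hours=24)
NIS2_NOTIFICATION = timedelta(hours=72)
NIS2_FINAL_REPORT = timedelta(days=30)   # "one month" approximated as 30 days, counted from the 72h notification

# PLACEHOLDER: the report gives no deadline for the drinking water authority;
# replace with the figure from the applicable national drinking water regulation.
DRINKING_WATER_NOTIFICATION = timedelta(hours=24)

# One named individual per track, as AI2 recommends (not a committee). Placeholder names.
TRACK_OWNERS = {
    "NIS2": "<named NIS2 notification owner>",
    "DRINKING_WATER": "<named drinking water notification owner>",
}


@dataclass
class Incident:
    detected_at: datetime        # moment the utility became aware of the incident
    cyber_cause: bool            # caused by a cyber incident (as opposed to purely mechanical failure)
    significant: bool            # meets the utility's own NIS2 "significant incident" criteria
    affects_supply: bool         # distribution disrupted
    affects_water_quality: bool  # treatment / water quality compromised


def notification_tracks(inc: Incident) -> List[str]:
    """Decide which regulator(s) must be notified for this incident."""
    tracks = []
    if inc.cyber_cause and inc.significant:
        tracks.append("NIS2")
    if inc.affects_supply or inc.affects_water_quality:
        tracks.append("DRINKING_WATER")
    return tracks


def deadlines(inc: Incident) -> Dict[str, Tuple[datetime, str]]:
    """Map each notification step to (deadline, owner)."""
    out: Dict[str, Tuple[datetime, str]] = {}
    for track in notification_tracks(inc):
        owner = TRACK_OWNERS[track]
        if track == "NIS2":
            early = inc.detected_at + NIS2_EARLY_WARNING
            notif = inc.detected_at + NIS2_NOTIFICATION
            out["NIS2 early warning"] = (early, owner)
            out["NIS2 incident notification"] = (notif, owner)
            out["NIS2 final report"] = (notif + NIS2_FINAL_REPORT, owner)
        elif track == "DRINKING_WATER":
            out["Drinking water authority notification"] = (
                inc.detected_at + DRINKING_WATER_NOTIFICATION, owner)
    return out


def missed_steps(inc: Incident, now: datetime, completed: List[str]) -> List[str]:
    """Steps whose deadline has passed without being marked completed."""
    return [step for step, (due, _) in deadlines(inc).items()
            if due < now and step not in completed]


if __name__ == "__main__":
    t0 = datetime(2026, 5, 23, 8, 0)
    # Constructed case from AI2's point: a cyber-caused pump failure that disrupts supply
    pump_failure = Incident(t0, cyber_cause=True, significant=True,
                            affects_supply=True, affects_water_quality=False)
    for step, (due, owner) in deadlines(pump_failure).items():
        print(f"{due:%Y-%m-%d %H:%M}  {step}  -> {owner}")
    print("missed at +30h:", missed_steps(pump_failure, t0 + timedelta(hours=30), []))
```

The two cases AI2 gives fall out directly: a ransomware incident that does not touch water quality or supply yields the NIS2 track only, while a cyber-caused pump failure that disrupts supply yields both tracks. The example also covers a third case the text implies but does not spell out, a purely mechanical failure that disrupts supply, which lands on the drinking water track alone. `missed_steps` is the check an incident commander would run at each status update: with no steps completed 30 hours after detection, both the NIS2 early warning and the (placeholder-deadline) drinking water notification are already overdue, while the 72-hour notification is not.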
AI3 — DeepSeek
AI3 focuses on the supply chain security obligation for legacy OT vendors. Many water utilities operate SCADA systems from vendors who have been supplying the water sector for decades — and who have not built cybersecurity into their products. NIS2 Article 21(2)(d) requires entities to assess the security of their supply chain, including "product security practices of each direct supplier." For a water utility using 15-year-old SCADA systems from a vendor that does not patch regularly and does not publish CVEs, this obligation is extremely difficult to satisfy. AI3 argues the most immediate supply chain security action is demanding software bills of materials (SBOMs) and vulnerability disclosure commitments from OT vendors — most of whom are not yet able to provide them. The supply chain security gap in water sector OT is larger than in almost any other NIS2-covered sector.
The three systems identify three different primary challenges: AI1 says OT asset visibility is the foundation problem. AI2 says dual-authority notification is the operational problem. AI3 says legacy OT vendor supply chain security is the systemic problem. All three are correct — they describe different layers of the same challenge.
The most underappreciated divergence is between AI2's notification point and standard NIS2 guidance. Most NIS2 compliance materials for water utilities focus on cybersecurity measures and stop at "notify the CSIRT." AI2's point that water utilities face simultaneous notification obligations to drinking water regulators is accurate but rarely addressed in generic NIS2 guidance. A water utility that notifies the cybersecurity competent authority within 72 hours but fails to notify the drinking water authority may be compliant with NIS2 and simultaneously in violation of drinking water law.
AI3's supply chain point is the longest-horizon problem. Demanding SBOMs from OT vendors who cannot provide them does not solve the security gap — it surfaces it. Water utilities may be legally compliant with Article 21(2)(d) by documenting that they demanded security information and received none. The underlying OT vulnerability remains.
The Gap None of Them Address
None of the three AI systems address the workforce training dimension specific to OT environments. NIS2 Article 20(2) requires management body members to attend cybersecurity training. Article 21(2)(g) requires entities to provide basic cybersecurity hygiene training. For a water utility, the employees with physical access to OT systems — control room operators, field engineers, maintenance technicians — are not IT staff. They are unlikely to be covered by standard IT security training programmes. A worker who plugs a personal USB drive into an engineering workstation connected to a SCADA system creates a NIS2 Article 21 incident risk that no firewall can prevent. OT-specific security awareness training for non-IT operational staff is the most underinvested NIS2 requirement in the water sector.
Appendix — Raw AI Responses (unedited)
The three responses below are reproduced without synthesis or editing.
As a drinking water utility, you are an essential entity under NIS2 Annex I, Section 7. Your obligations under Article 21 are comprehensive: risk management measures covering your entire network and information systems, including OT/SCADA. The specific challenge for water utilities is OT asset inventory. You cannot manage what you cannot see. The first step in Article 21 compliance is a complete inventory of every OT device — PLCs, RTUs, HMIs, engineering workstations, historian servers — including firmware versions, network connections, and vendor support status. Without this inventory, risk management measures required by Article 21 cannot be systematically applied. The IT/OT convergence you describe has created attack pathways that did not exist when your SCADA systems were installed: an attacker who compromises an IT system connected to your OT network has a potential pathway to your treatment and distribution controls. Network segmentation between IT and OT, with strictly controlled jump hosts for any cross-network administration, is the highest-priority technical control for a water utility in your position.
The dual notification challenge for water utilities is under-discussed in NIS2 guidance. When a significant cyber incident affects your utility, you have NIS2 Article 23 obligations (24h/72h/1-month cascade to the national NIS2 competent authority or CSIRT). But you simultaneously operate under drinking water regulations that require notification to the competent drinking water authority when service quality or supply is compromised. These are different authorities with different reporting forms, different definitions of what constitutes a notifiable event, and different consequence frameworks. My recommendation: create a dual-track incident response protocol before any incident occurs. Define clearly which incidents trigger NIS2 notification, which trigger drinking water notification, and which trigger both. Assign ownership for each notification track to a specific named individual — not a committee. In a crisis, committee-by-committee decision-making on who to notify and when will cause you to miss both deadlines.
The supply chain security obligation in NIS2 Article 21(2)(d) is particularly challenging for water utilities because of the OT vendor landscape. Industrial control system vendors in the water sector — SCADA software providers, PLC manufacturers, remote monitoring system suppliers — have historically operated in a security culture very different from IT vendors. Many do not have formal vulnerability disclosure programmes, do not publish CVEs for their products, and do not provide software bills of materials (SBOMs). NIS2 requires you to assess "the security practices of each direct supplier." For a water utility with SCADA systems from vendors who cannot answer basic security questions, the honest compliance answer is: document your requests, document the vendor responses (or non-responses), and escalate to your competent authority that the supply chain information is not available. This creates a documented record that you have attempted to fulfill Article 21(2)(d) — and surfaces the systemic market failure in water sector OT security to regulators who have the authority to address it at the industry level.