Cyberattacks are the norm in every industry, and the nuclear industry is no different. However, the associated consequences of an attack are different in the nuclear sector, where fears of radiation releases and material diversion greatly influence how risk is analyzed and managed. In an era where erroneous and inaccurate news often spreads on social networks faster than accurate official reports, risk management and incident planning need to be prioritized and given a fresh look. That was just one finding from a workshop on nuclear cyber risks held in Vienna, Austria, in late 2018. The Fissile Materials Working Group (FMWG) – a coalition of 80 organizations from around the world working to keep the world safe from nuclear terrorism -in collaboration with the Stimson Center brought together cybersecurity experts and stakeholders to consider cyber risks in the civil nuclear industry and how to address them. The workshop report, Nuclear Cybersecurity: Risks and Remedies, detailed 10 findings. Since the time of that report, FMWG and Stimson have been working with expert stakeholders to further assess those risks, to consider new emerging risks, and to prioritize actions needed to better manage them. The result is this new policy paper with recommendations, some of which Stimson will work to help effect.