Nuclear Cybersecurity: Risks and Remedies

Report

Nuclear Cybersecurity: Risks and Remedies

The Fissile Materials Working Group (FMWG), in partnership with the Stimson Center, hosted a 1.5-day off-the record (Chatham House Rule) Nuclear-Cybersecurity Workshop, which took place at the Vienna Center for Disarmament and Non-Proliferation. The invitation-only workshop comprised a group of two dozen cybersecurity experts and stakeholders in the nuclear industry, including operators, transporters, regulators, states, and nuclear security analysts. The group discussed cybersecurity risks affecting the nuclear sector and explored what needed to be done, across the board, to manage those risks. Consequently, the experts suggested that NGOs – given that they are wellpositioned to facilitate conversations among the various stakeholders – prioritize the following four action items:

This report outlines what was covered throughout the workshop. At the end of the report, there is a list of next steps the NGO community – as well as other stakeholders – should consider taking to reduce the cybersecurity risks affecting the nuclear sector. The FMWG and Stimson’s immediate next step is to share these findings with the nuclear and cybersecurity community, and to explore future collaboration amongst key stakeholders.


 

The Stimson Center and Fissile Materials Working Group (FMWG) launched their report, Nuclear Cybersecurity : Risks and Remedies, on Capitol Hill on June 11 in a panel event co-hosted with the Congressional Nuclear Security Working Group Caucus. In an effort to address the gap in cyber nuclear security, the FMWG and Stimson brought together two dozen cyber security experts and stakeholders in the nuclear industry to address the cyber security risks to nuclear infrastructure and produce this report. The report highlights stakeholders can work to manage security risks. Rep. Bill Foster (D-IL) provided remarks and took part in the discussion with panelists including report authors, Debra Decker, Stimson Senior Advisor, and Kathryn Rauhut, Stimson Nonresident Fellow. The panel also included workshop participant Eric Chien of Symantec and was moderated by Emily Frye of MITRE. The discussion focused on the possible next steps for Congress in addressing cyber security in the nuclear sector.