The UK government has laid out its cybersecurity plans for the country’s civil nuclear sector, focused on more testing, security by design and improved collaboration.
The UK boasts the oldest civil nuclear power program globally, which began in 1956 with the opening of the Calder Hall power station.
Today, the technology is an increasingly important part of the government’s plans to reach net-zero carbon emissions but remains a possible target for state-backed threat actors.
Sitting under the government’s National Cyber Strategy 2022 framework is the newly published 2022 Civil Nuclear Cyber Security Strategy.
It outlines four key objectives to be met before 2026:
- Prioritizing cybersecurity as part of a holistic risk management approach and outcome-focused regulation.
- Proactive mitigation of cyber-risk in the sector and across its supply chain against a backdrop of legacy and emerging technologies.
- Enhanced resilience by preparing better for and responding to incidents faster and more collaboratively, minimizing impact and recovery time.
- More collaboration to improve cyber maturity, develop skills and promote a security-first culture.
To achieve these goals, various commitments are outlined in the report. These include the roll-out of Cyber Adversary Simulation (CyAS) assessments and other tests, including a “live cyber incident response exercise” with the National Cyber Security Centre (NCSC) and exercises for senior decision-makers.
The nuclear industry will also aim to set a baseline of supply chain security standards, collaborate on third party and component assurance/management and work with nuclear technology developers on security by design.
“As both the cyber-threat and digital technologies continue to evolve, it is crucial that we make a step change to stay ahead of the curve. Managing cyber-risks requires a whole-of-organization effort, underpinned by strong regulation, supported by sector-wide collaboration, and a positive security culture,” said energy minister Greg Hands.
“The commitments set out in this strategy seek to collectively deliver that shared ambition, ensuring that the UK’s civil nuclear sector will continue its legacy long into our net zero future.”