Cyber attacks have come to be one of the primary most concerns of nuclear facility security managers and personnel. The threat of cyber espionage and even sabotage is very real, and nuclear power plants are a natural target. Luckily, as hackers have improved their capabilities, so too have cyber security professionals. Here are a number of steps nuclear plants can take to protect against cyber threats.
The Nuclear Energy Institute, in their April 2015 policy brief on Cyber Security for Nuclear Power Plants, recommends as a key point to isolate critical safety, security, and emergency preparedness systems at all nuclear energy facilities to be isolated from the internet. The internet is the easiest access point for hackers to infiltrate both system controls and data within a nuclear facility. Cut off access by not connecting those critical systems to the World Wide Web. That is your first line of defense.
Layers of Safety
Cyber attacks can come from a variety of different fronts, both digital and physical. It is crucial to the safety and security of a nuclear facility to be protected by both cyber security and physical security plans. For example, power plants are designed to shut down if a disturbance on the electrical grid is detected. In addition, all U.S. nuclear power plants have taken on measure to protect against cyber attack, including isolated key control systems, key safety, strict controls over the use of portable media and equipment, and heightened defenses against an insider threat. In this way, layers of security measures overlap and combine to protect the integrity of a nuclear power plant.
These layers of security are designed to prevent an attack, but it is also important to plan an appropriate response should an attack occur. Whether an attack originates internally or externally, security measures must be in place, and a plan ready should the worst occur. If that attack is successful or deterred by in place security measures, lessons can be learned and improvements made to increase security against potential future attacks.
Technology changes at a continuously rapid rate, for both hackers and security professionals. It is critical for nuclear power plants to stay up-to-the-minute with the latest security technologies, because it is even more likely that hackers are designing new software, malware, and infiltration methods to put your security system at risk. Required updates to cyber protection systems include regular and controlled upgrades to equipment, frequent cyber security impact analyses, assessment of the effectiveness of existing cyber security controls, and enhancements when and where necessary. Vulnerability increases drastically with outdated technology. The importance of the maintenance and continual improvement of a facility’s cyber security systems cannot be stressed enough.
Energy Services Group International is a good source for companies to obtain cyber security resources and for candidates to look for cyber security jobs. ESGI can help you find your next job through our experienced and talented recruiting team. Find out how we can help and get started today!