The International Atomic Energy Agency (IAEA) has issued its first implementing guide to comprehensively address computer security in order to support experts worldwide in implementing computer security measures to strengthen their national nuclear security regimes.
Computer-based systems play an essential role in all aspects of life, and this is no different when it comes to nuclear and related activities. These systems are used in a variety of ways in the nuclear industry to support the effective, safe and secure operation of facilities and activities engaged in using, storing and transporting nuclear and other radioactive materials.
Because of this key role, these digital systems can be an attractive target for terrorists and saboteurs. They could aim to exploit the potential vulnerabilities of a facility’s digital systems, which could lead to unauthorized access, disruption of operations, and even the sabotage of facilities or the theft of nuclear or other radioactive materials.
“This guide will support Member States in strengthening computer security in their national nuclear security regimes, ensuring the benefits of digital technology can be embraced without weakening the regime and the capacity to protect, detect and respond to cyber threats,” said Elena Buglova, Director of the IAEA Division of Nuclear Security. “Ensuring that these systems are secured against such acts, protects facilities from cyber attacks and sabotage and bolsters other areas of nuclear security by keeping, for example, physical protection and detection systems operational.”
The new publication highlights the need for and provides guidance on how to implement computer security as an integral component of a national nuclear security regime. The guidance supports the development and implementation of an integrated national strategy, regulatory approach, and adherent computer security programs designed to protect computer-based systems, the compromise of which could adversely affect nuclear security or nuclear safety.