Skip to main content

Partnerships and Information Sharing in President Obama's Executive Order on Cyber Security

President Obama at 2013 SOTU
Yesterday President Obama signed an Executive Order aimed at helping nation harden its critical infrastructure against cyber attacks, and introduced it to the nation as part of his State of the Union address.

The Order states, "We can achieve these goals through a partnership with the owners and operators of critical infrastructure to improve cybersecurity information sharing and collaboratively develop and implement risk-based standards."

The partnership model has a history of success, and it is prudent to continue and support this model.

The nuclear power industry has an active partnership with the U.S. Department of Homeland Security specifically geared toward enhancing the security of commercial users of nuclear materials.

Under HSPD-7, the industry established the Nuclear Sector Coordinating Council (NSCC), and the government established the Government Coordinating Council (GCC).  These groups meet quarterly under the Critical Infrastructure Partnership Advisory Council (CIPAC) framework.

The NSCC/GCC provides an instrumental forum for organizations engaging in civilian uses of nuclear materials in the U.S. to discuss security issues and work together with our federal partners to enhance security and resilience.

The order also discusses the importance of information sharing. I could not agree more. The nuclear power industry in the U.S. has a proven record of responding in a timely manner to identified threats to the safe operations of our facilities.

Information sharing is integral to establishing a robust cyber security program. As I discussed in a previous blog post on nuclear power plant cybersecurity, our plants have been actively addressing the cyber threat for over 10 years.

The first questions that must be answered when establishing a security program are:
  1. What must be protected?
  2. What must it be protected from?
Information sharing has been instrumental in helping us stay on top of what we must be prepared to defend against.

Under the NSCC/GCC framework, the nuclear sector receives quarterly threat briefings at the SECRET level. The DHS also conducts monthly sector-specific unclassified threat briefings.

So, at a high level, the EO is moving in the right direction. But we cannot lose sight of good work already done.

This new emphasis on the adoption of cyber security practices must consider the existing regulatory frameworks and voluntary initiatives that are already in place.Complexity is the enemy of security. Streamlining and minimizing burden on private entities ensures that resources remain available to respond to real threats.

Ensuring that any new cyber security guidance, practices, or policies does not overlap or duplicate existing practices is essential. For addition details, please consult the NEI backgrounder on Cyber Security.

POSTSCRIPT: The Nuclear Energy Institute’s chief nuclear officer and senior vice president, Anthony R. (Tony) Pietrangelo, made the following comment about the cyber security executive order signed Tuesday by President Obama.

Tony Pietrangelo
“Commercial nuclear energy facilities are well protected from possible cyber threats. The nuclear energy industry has been implementing and improving cyber security controls since 2002, and the federal agency that oversees the nation’s nuclear energy facilities—the Nuclear Regulatory Commission—has established regulations that thoroughly monitor and inspect cyber security at all U.S. reactors.

“To ensure our constant readiness, the industry participates with government agencies to be aware of and assess its readiness for emerging cyber threats. Our facilities are essentially cyber islands, in that safety and control systems are not connected to business networks or the Internet. Unlike industries for which two-way data flow is critical, nuclear power plants do not require incoming data flow.

“Nuclear plants also are protected from grid instability, with multiple backup power supplies that provide for safe shutdown of a reactor in the event of a power blackout. Given that the NRC appropriately exercises authority over the protection of nuclear plant systems from potential cyber threats, it would be counterproductive to have dual oversight of these facilities.”


Popular posts from this blog

A Billion Miles Under Nuclear Energy (Updated)

And the winner is…Cassini-Huygens, in triple overtime.

The spaceship conceived in 1982 and launched fifteen years later, will crash into Saturn on September 15, after a mission of 19 years and 355 days, powered by the audacity and technical prowess of scientists and engineers from 17 different countries, and 72 pounds of plutonium.

The mission was so successful that it was extended three times; it was intended to last only until 2008.

Since April, the ship has been continuing to orbit Saturn, swinging through the 1,500-mile gap between the planet and its rings, an area not previously explored. This is a good maneuver for a spaceship nearing the end of its mission, since colliding with a rock could end things early.

Cassini will dive a little deeper and plunge toward Saturn’s surface, where it will transmit data until it burns up in the planet’s atmosphere. The radio signal will arrive here early Friday morning, Eastern time. A NASA video explains.

In the years since Cassini has launc…

Sneak Peek

There's an invisible force powering and propelling our way of life.
It's all around us. You can't feel it. Smell it. Or taste it.
But it's there all the same. And if you look close enough, you can see all the amazing and wondrous things it does.
It not only powers our cities and towns.
And all the high-tech things we love.
It gives us the power to invent.
To explore.
To discover.
To create advanced technologies.
This invisible force creates jobs out of thin air.
It adds billions to our economy.
It's on even when we're not.
And stays on no matter what Mother Nature throws at it.
This invisible force takes us to the outer reaches of outer space.
And to the very depths of our oceans.
It brings us together. And it makes us better.
And most importantly, it has the power to do all this in our lifetime while barely leaving a trace.
Some people might say it's kind of unbelievable.
They wonder, what is this new power that does all these extraordinary things?

Missing the Point about Pennsylvania’s Nuclear Plants

A group that includes oil and gas companies in Pennsylvania released a study on Monday that argues that twenty years ago, planners underestimated the value of nuclear plants in the electricity market. According to the group, that means the state should now let the plants close.


The question confronting the state now isn’t what the companies that owned the reactors at the time of de-regulation got or didn’t get. It’s not a question of whether they were profitable in the '80s, '90s and '00s. It’s about now. Business works by looking at the present and making projections about the future.

Is losing the nuclear plants what’s best for the state going forward?

Pennsylvania needs clean air. It needs jobs. And it needs protection against over-reliance on a single fuel source.

What the reactors need is recognition of all the value they provide. The electricity market is depressed, and if electricity is treated as a simple commodity, with no regard for its benefit to clean air o…