Skip to main content

Nuclear Cyber Security and Its Discontents

The minority (that is, the Republicans) on the Senate Homeland Security and Governmental Affairs committee released a report that shows a number of federal agencies, including the Nuclear Regulatory Commission, exercising lax cyber security. In some instances, the brew is rather weak – antivirus software has not been updated at some agencies, which probably has Symantec worried - but there’s some substantial stuff in it, too.

This sums up the report’s finding on the NRC:

Yet just about every aspect of that process [addressing cyber security weaknesses] appears to be broken at the NRC. Problems were identified but never scheduled to be fixed; fixes were scheduled but not completed; fixes were recorded as complete when they were not.

The first thing to note is that this has nothing whatever to do with cyber security at nuclear energy facilities. In some ways, this report confuses network security with what is a much broader topic. Government agency network security has been low hanging fruit when one seeks an issue to publicize, which doesn’t mean it shouldn’t be addressed.

Bill Gross, NEI senior project manager, engineering, who has done a lot of work on nuclear facility cyber security, wrote a blog post for us early last year outlining some of the steps the industry has taken to address the subject. Well worth a read for anyone interested in this issue. His conclusion:

No cyber security program will be 100% perfect.  These interim measures well position the plants to ensure that the public health and safety are maintained, and that the sites will reliably continue to make their significant contribution to the nation’s electrical supply.

---

We can’t really answer for the NRC and what it might need to do to digitally clean its house. We can say that this is a partisan report. Sen. Tom Coburn (R-Okla.), the committee’s ranking member, keeps the pot at a simmer in presenting the report’s findings on his We site.

“Weaknesses in the federal government’s own cyber security have put at risk the electrical grid, our financial markets, our emergency response systems and our citizens’ personal information,” Dr. Coburn said.  “While politicians like to propose complex new regulations, massive new programs, and billions in new spending to improve cyber security, there are very basic – and critically important – precautions that could protect our infrastructure and our citizens’ private information that we simply aren’t doing.”

So, yes, partisan. I’m not sure the report addresses risks to infrastructure or financial markets – agencies overseeing them, perhaps, but that’s not the same thing. It seems to both want and not want regulation; it just depends on what’s being regulated. It’ll be interesting to see how or even if the NRC responds to this report.

Comments

Popular posts from this blog

Making Clouds for a Living

Donell Banks works at Southern Nuclear’s Plant Vogtle units 3 and 4 as a shift supervisor in Operations, but is in the process of transitioning to his newly appointed role as the daily work controls manager. He has been in the nuclear energy industry for about 11 years.

I love what I do because I have the unique opportunity to help shape the direction and influence the culture for the future of nuclear power in the United States. Every single day presents a new challenge, but I wouldn't have it any other way. As a shift supervisor, I was primarily responsible for managing the development of procedures and programs to support operation of the first new nuclear units in the United States in more than 30 years. As the daily work controls manager, I will be responsible for oversight of the execution and scheduling of daily work to ensure organizational readiness to operate the new units.

I envision a nuclear energy industry that leverages the technology of today to improve efficiency…

Nuclear: Energy for All Political Seasons

The electoral college will soon confirm a surprise election result, Donald Trump. However, in the electricity world, there are fewer surprises – physics and economics will continue to apply, and Republicans and Democrats are going to find a lot to like about nuclear energy over the next four years.

In a Trump administration, the carbon conversation is going to be less prominent. But the nuclear value proposition is still there. We bring steady jobs to rural areas, including in the Rust Belt, which put Donald Trump in office. Nuclear plants keep the surrounding communities vibrant.

We hold down electricity costs for the whole economy. We provide energy diversity, reducing the risk of disruption. We are a critical part of America’s industrial infrastructure, and the importance of infrastructure is something that President-Elect Trump has stressed.

One of our infrastructure challenges is natural gas pipelines, which have gotten more congested as extremely low gas prices have pulled m…

Nuclear Is a Long-Term Investment for Ohio that Will Pay Big

With 50 different state legislative calendars, more than half of them adjourn by June, and those still in session throughout the year usually take a recess in the summer. So springtime is prime time for state legislative activity. In the next few weeks, legislatures are hosting hearings and calling for votes on bills that have been battered back and forth in the capital halls.

On Tuesday, The Ohio Public Utilities Committee hosted its third round of hearings on the Zero Emissions Nuclear Resources Program, House Bill 178, and NEI’s Maria Korsnick testified before a jam-packed room of legislators.


Washingtonians parachuting into state debates can be a tricky platform, but in this case, Maria’s remarks provided national perspective that put the Ohio conundrum into context. At the heart of this debate is the impact nuclear plants have on local jobs and the local economy, and that nuclear assets should be viewed as “long-term investments” for the state. Of course, clean air and electrons …