Cybersecurity by design
Understanding the asymmetrical approach to international cybersecurity is critical in implementing universal and comprehensive initiatives to better protect nuclear facilities from cyberthreats. As well as the manifest risk to populations and environments from a release of ionizing radiation, disrupting nuclear energy production might produce severe cascading economic and social effects in the affected state. Nuclear energy is utilized in 31 countries29 and provides around 11 per cent of the world’s electricity.30 While some nuclear power-producing nations, such as Brazil and the Netherlands, rely on minimal nuclear energy for their domestic energy consumption needs, others, such as France, Ukraine and Slovakia, generate more than 50 per cent of their electricity in the form of nuclear energy.31 A disruption to this supply might have sweeping consequences. A 2014 publication identifying CNIs and their dependencies observed that the energy sector was so interconnected to other infrastructures that a disruption would also appreciably affect telecommunications, healthcare, transportation, manufacturing and other critical infrastructures.32 There is a clear imperative to mitigate the possibility and the consequences of a successful cyberattack on the civil nuclear sector.
Supplementary research projects from the academic sphere (which include the seminal Tallinn Manual 2.0), have focused on the legal, regulatory and institutional frameworks crucial for cybersecurity implementation at nuclear fuel-cycle facilities, providing blueprints for the next steps forward.33