Strategies For Securing Digital Assets In Nuclear Power Plants
- People often don’t recognize there are risks when you open up your network to certain types of technologies or even vendors.
- Know what you have, all the current configurations of those devices, understand what those devices control, and understand how the data is actually working inside those ICS systems.
“Having rogue devices in your OT environment that you don’t have control over is a big problem.”
Unlike some OT environments, nuclear power plants are heavily regulated. Nuclear Regulatory Commission (NRC) inspections, which include an evaluation of cybersecurity, typically occur every two years during scheduled outages for plant refueling. This is also when other plant maintenance occurs, such as updating and re-engineering control systems.