Year
2021
File Attachment
a479.pdf (215.59 KB)
Abstract
Nuclear power plants (NPPs) that implement strong security measures to detect suspicious network activities and effective strategies to respond upon detection of a cyber incident can help minimize the consequences of malicious activity involving software exploited through the supply chain or software vulnerabilities. Recent software compromises, such as the 2020 SolarWinds Orion attack and the 2021 attack at a U.S. water treatment facility, did not directly target or affect nuclear facilities. However, analysis of such attacks should be incorporated into the continuous threat and vulnerability management processes that NPPs implement within their cyber security plans. These events demonstrated how timely detection of malicious activity and effective mitigations can minimize the impact on an organization. This paper discusses the different security measures identified in U.S. Nuclear Regulatory Commission cyber security guidance and international cyber security standards for nuclear facilities that could assist NPP operators with preventing, detecting, and responding to these types of malicious activities involving software and vendor services.