The News That Matters about the Nuclear Industry Fukushima Chernobyl Mayak Three Mile Island Atomic Testing Radiation Isotope

Nuclear Weapon Development and Manufacturing Needs More Cybersecurity, Watchdog Says

Next Gov, By Kirsten Errick,.Tech Reporter, SEPTEMBER 23, 2022

The National Nuclear Security Administration, its contractors and subcontractors need to take cyber steps, according to a new report.

As the National Nuclear Security Administration and its contractors increasingly utilize advanced computers and digital systems to “integrate information systems into nuclear weapons, automate manufacturing equipment and rely on computer modeling to design weapons,” it needs to implement foundational cybersecurity risk management because these systems can be targets of cybersecurity attacks, according to a report released on Thursday.

The Government Accountability Office report noted that federal law and policies identify six practices for a cybersecurity management program. These practices are as follows: “identify and assign cybersecurity roles and responsibilities for risk management”; “establish and maintain a cybersecurity risk management strategy for the organization”; “document and maintain policies and plans for the cybersecurity program”; assess and update organization-wide cybersecurity risks”; designate controls that are available for information systems or programs to inherit”; and “develop and maintain a strategy to monitor risks continuously across the organization.” 

However, GAO found that NNSA and its contractors have not fully implemented these key cybersecurity practices. NNSA has three types of technology or digital environments: traditional informational technology, operational technology and nuclear weapons information technology. GAO stated that NNSA has not fully implemented the cybersecurity practices in its operational technology and nuclear weapons information technology environments………………………………………….

GAO made nine recommendations for NNSA. For example, GAO suggested that the agency should fully implement a continuous cybersecurity monitoring strategy; determine the resources needed for operational technology efforts; delegate risk management roles and responsibilities; develop a nuclear weapons risk strategy; enhance oversight and monitoring of subcontractor cybersecurity. ….


September 22, 2022 - Posted by | safety, USA

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: