An international conference on computer security in the nuclear world opened at the IAEA headquarters in Vienna today, to discuss effective security measures to protect against cyber-attacks on facilities handling nuclear or other radioactive material in an increasingly digitized world.
"Our topic today is of the utmost importance; nuclear activities are growing everywhere in the world and the challenges posed by the malicious use of digital tools is real and is growing," IAEA Director General Rafael Mariano Grossi told the opening session of the International Conference on Computer Security in a Nuclear World: Security for Safety.
Through a video message, the Director General welcomed over 500 participants from across the globe to the week-long conference. He emphasized the need for sound policies, good analyses and viable recommendations in the area of computer security.
The conference has attracted participants from 94 countries and seven international organizations. From 19 to 23 June, the presentations and discussions in plenary and technical sessions will cover eight thematic areas: State-level strategy and regulatory approaches; computer security programme implementation; computer security in supply chain management; implementation of computer security assurance activities; sustainability of computer security; human resources; international cooperation in computer security for a nuclear security regime; and computer security of emerging digital technologies for nuclear activities.
In addition, participants can visit a Cyber Village, and attend eight side events and an exhibition.
Addressing the conference participants, Mr Grossi referred to the newly constructed Nuclear Security Training and Demonstration Centre (NSTDC) at the IAEA's laboratories in Seibersdorf, to be opened later this year. "This will allow us to have yet another facility where many of the activities relevant to the conference will take place for the benefit of all," Mr Grossi said.
At the opening session, participants witnessed a fictitious cyber-attack through a series of videos depicting an attack on an imaginary facility. The narrated scenario highlighted the importance of protecting digital systems, such as instrument and control systems, that are used for key safety and security applications.
In her welcome address, the conference President, Na Young Lee, Director General, Office of Nuclear Nonproliferation in the Korea Institute of Nuclear Nonproliferation and Control (KINAC), invited the participants "to embark on a journey to explore the paramount importance of cyber security in our interconnected world". Lee spoke about the wealth of knowledge and insights that the conference scientific programme offers, including over 100 papers and 34 poster presentations and the cyber village. The conference offers "a comprehensive learning experience allowing for interactive discussions on computer security," she said.
Cyber Village: a hub for raising awareness on computer security for nuclear security
Conference attendees have an opportunity for a hands-on experience. The interactive Cyber Village depicts what computer security entails for facilities handling nuclear or other radioactive material.
The Cyber Village is divided into three areas: a technical exchange area for live demonstrations, a virtual training area, and a third area where selected participating countries and organizations present mini demonstrations. During the Cyber Village sessions, participants can engage with computer security experts to learn and enhance their understanding of the latest developments to identify, detect, mitigate and respond to cyberthreats.
How the IAEA helps countries to improve their computer security
Since 2011, the Nuclear Security Plans implemented by the IAEA have included information and computer security as an essential part of nuclear security measures, along with physical protection. The information and computer security activities currently implemented by the IAEA are outlined in the latest Nuclear Security Plan 2022-2025. The primary focus areas are developing guidance agreed by consensus to address countries' needs with regard to computer security and nuclear security, providing training courses and capacity building in line with the guidance, facilitating information exchange and sharing experiences through technical meetings and other fora, and conducting research activities about computer security.
IAEA Bulletin on computer security
The new IAEA Bulletin, Computer Security in the Nuclear World, features articles on the key elements of a computer security programme, the impact of artificial intelligence on information and computer security, international collaboration, the interface between safety and security, and much more.