The potential impact of a compromise of nuclear safety protection systems (safety instrumented systems) could be devastating at both a national and international scale. But a successful cyber attack on basic plant process control systems (automated industrial control systems) could also have real impacts including disruption of operations, damage or destruction of equipment, financial loss, legal penalties, regulatory interventions, and last but certainly not least, profound reputational consequences for the operator, the nuclear industry and for the host government. So robust, resilient and assured cyber security is paramount.
Traditionally, the civil nuclear and critical infrastructure sectors have first-class records for safety and for physical security. But that culture now needs to extend to better understanding and managing the risks associated with the digital environment.
This challenge is compounded by the nature of legacy infrastructure, software applications and shared services, combined with increasingly interconnected digital systems that are ever more exposed to highly capable and motivated malicious threats.
Safely and securely managing this complex and evolving digital environment requires specialist technical expertise in managing cyber risks to industrial control systems and a deep understanding of the sector and its regulatory regimes. At Context, we have the advisory and technical experts with the skills, national security vetting clearances, deep industry knowledge, and regulatory experience to bridge the gap between managing existing safety risks and the developing need to manage emerging security risks, in an integrated, business orientated way.
Faced with serious challenges, limited in-house expertise, and constrained resources, the civil nuclear and critical infrastructure industry in UK, EU and elsewhere is relying increasingly upon Context to be your trusted ‘whole of life’ partner, helping you to understand, plan, procure, deliver solutions to, and assure your cyber security and cyber resilience risks.