Nuclear site remains under ‘significantly enhanced attention’ for cyber security
The UK’s nuclear regulator has dropped the requirement for extra security checks at the UK’s largest nuclear site.
Guarding arrangements at the vast nuclear site in Cumbria, northwest England, have improved enough to allow for routine inspections from the Office for Nuclear Regulation (ONR), rather than requiring “enhanced regulatory oversight”.
The ONR said it could not make public what had triggered the escalation from routine monitoring due to security issues, but said the requirement was dropped following “sustained improvements”.
The site remains under “significantly enhanced attention” for cyber security, the ONR added.
A report published in October by the chief nuclear inspector at the ONR said there had been “historic delays in the delivery of physical security programmes” at Sellafield.
Last year site operator Sellafield Ltd was ordered to pay almost £400,000 (€483,000, $504,000) after it pleaded guilty to criminal charges over years of cybersecurity failings at Britain’s most hazardous nuclear site.
The state-owned company left information that could threaten national security exposed for four years, according to the ONR, which brought the charges. It was also found that 75% of its computer servers were vulnerable to cyber-attack
Gary Wilkinson, head of security and resilience at the site, said the lowering of the monitoring was achieved with work over many months.
“This is a significant achievement and has been a big team effort across the company,” he said.
Paul Dicks, the ONR's director of regulation for Sellafield, said the watchdog had worked closely with the site to deliver the improvements.
The ONR added that it had more than 50 inspectors regulating the site.
