Background
In today’s increasingly digital and interconnected world, organisations face a rapidly evolving threat landscape. Cyberattacks are growing in sophistication, frequency, and impact—often outpacing the capabilities of traditional security tools and practices. Adversaries now exploit automation, artificial intelligence (AI), and machine learning (ML) to orchestrate highly targeted, fast-moving attacks across global networks.
For the nuclear sector, these risks carry heightened implications. Nuclear facilities rely on complex industrial processes that were not always originally designed with cybersecurity in mind. Disruption of these systems can have consequences not only for plant safety and security but also for national and international stability. Insider threats, ransomware targeting critical systems, and vulnerabilities in digital supply chains further underscore the urgency of adopting robust cybersecurity measures.
International bodies such as the IAEA have highlighted the importance of strengthening cyber resilience at nuclear facilities. However, translating high-level guidance into practical, effective cybersecurity programmes remains a challenge—particularly as adversaries leverage increasingly advanced tools. This creates a pressing need to share lessons learned, align with international best practices, and harness the latest technologies to close the gap.
Advanced technologies, including AI-powered threat detection, behavioural analytics, zero trust frameworks, security orchestration and automated response (SOAR), and cloud-native security platforms, offer new opportunities for nuclear operators. These tools not only enhance detection and response capabilities but also help security teams manage risks more efficiently, filter through massive volumes of threat data, and act proactively, often preventing breaches before they occur.
Objectives
The workshop explored how advanced technologies are transforming cybersecurity practices within the nuclear sector and other critical infrastructure. It provided a platform for participants to exchange experiences, learn from practical case studies, and build a deeper understanding of how to strengthen cyber resilience at the organisational, national and international levels.
The workshop provided participants with the opportunity to:
- Understand the cyber threat landscape specific to the nuclear sector, including OT-targeted attacks and supply chain risks
- Learn how AI, ML, automation, and analytics are transforming cybersecurity practices in critical infrastructure
- Explore how advanced technologies support regulatory compliance and operational resilience
- Examine selected security frameworks, such as zero trust, SOAR and XDR, and review their applicability at nuclear facilities
- Engage with use cases demonstrating real-world technology integration in nuclear environments
Participants were encouraged to identify immediate steps that can be taken to strengthen cybersecurity programmes and mitigate cyber threats in their organisations and countries.
Audience
The workshop gathered 47 delegates from all over the world.
The target audience for this event was in majority individuals who are responsible for cybersecurity at nuclear facilities. They included, amongst others, representatives from nuclear operating organisations, digital technology vendors, information security organisations, regulators and technical support organisations, academia, and the IAEA.
Process
This event was interactive and professionally facilitated. The workshop was built around a number of presentations as well as case studies and breakout sessions that enable participants to further explore the topic and share their experiences and lessons learned.
An online electronic voting system allowed participants to anonymously provide their views on questions put to the audience.
The workshop wasbe held in English. The discussions were unclassified but subject to Chatham House rules (what was said can be reported, but not attributed).
