In the UK nuclear security is overseen by the independent Office for Nuclear Regulation (ONR). The Nuclear Industries Security Regulations 2003 (as amended) require those holding Sensitive Nuclear Information to have in place robust security measures approved by ONR in order to protect this information. The ONR conducts inspections to ensure compliance with security requirements and has powers of enforcement in the event of a breach.
As part of the National Cyber Security Programme (NCSP) DECC has funded: 1) enhanced cyber security training; 2) a rigorous cyber incident response exercising programme; 3) forums and briefings for senior industry personnel to raise awareness of cyber threats; and, 4) work to ensure new nuclear power plants will be cyber secure by design. This work is undertaken in collaboration with industry and the ONR to ensure that there is a process of continuous improvement for cyber security in the civil nuclear sector.