Nuclear Agency Wants Info on Securing Radioactive Waste from Cyberattacks

Cooling towers at the Three Mile Island nuclear power plant in Middletown, Pa.

Cooling towers at the Three Mile Island nuclear power plant in Middletown, Pa. Matt Rourke/AP File Photo

Featured eBooks

Digital First
Cybersecurity & the Road Ahead
Emerging Technology Trends

The National Nuclear Security Administration is looking for a woman-owned small business to prevent cyberattacks targeting nuclear materials, whether in a facility or in transit.

The Energy Department is concerned that facilities holding nuclear and other radiological materials could be susceptible to cyberattacks but is hoping a women-owned small business can help.

The National Nuclear Security Administration put out a notice seeking women-owned small businesses and economically disadvantaged women-owned small businesses capable of securing nuclear sites globally from physical and cyber threats. While the sources sought notice leads with “physical security policy,” the notice almost exclusively concerns cybersecurity matters.

For instance, transporting radioactive materials is dangerous work. Per an ongoing study by the Office of Radiological Security, the communications systems embedded in those transportation vehicles could be targeted by cyberattacks, leading to devastating consequences.

Contributing to that study would be part of the eventual contract, as well as 16 other focus areas, including:  

  • Recommending programwide cybersecurity guidance and training and conducting assessments for the Office of Radiological Security.
  • Developing “plausible” cyberattack scenarios, including physical components, as well as strategies for defending against these potential attacks.
  • Conducting vulnerability assessments and equipment tests to identify and remediate flaws.
  • Working with the Nuclear/Cyber Interagency Working Group and the National Security Council Cyber Nuclear Sub-Policy Coordinating Committee as a subject matter expert.
  • Reviewing the latest International Atomic Energy Agency and Nuclear Regulatory Commission policies and guidance on cybersecurity.

The Nuclear Security Administration wants to award this contract to a small business—and specifically a women-owned small business—so long as it meets certain qualifications, including proper certifications, experience and active Q clearance with the Energy Department.

That said, the administration is welcoming responses from any companies with experience in this area, so it can determine whether the pool of women-owned businesses is sufficient in this case.

Interested companies have until 6 p.m. March 12 to submit capability statements.