Estonia’s Guardtime delivers a specialised cyber exercise for the UK civil nuclear sector

The Estonian-founded, Amsterdam-based software security company, Guardtime, has planned and executed a custom cyber exercise for the UK civil nuclear sector.

The exercise was run on the Estonian Defence Forces’ cyber range, complemented with actual industrial control systems simulating a nuclear power plant, the company said in a statement.

“Live cyber attacks were conducted against these systems to provide the participants with an opportunity to exercise perishable cyber defence skills, analytical thinking to characterise an ongoing cyber-attack, achieving situational awareness, and communicating with senior management,” the company said.

Developed with support from the Institute for Security and Safety at the Brandenburg University of Applied Sciences and the UK National Cyber Security Centre, the scenario included elements of both cyber and physical security. Guardtime assembled a multi-national team of experts to deliver the cyber-attacks, EclecticIQ provided a cyber threat intelligence sharing platform, and Defendec provided perimeter surveillance cameras.

“Our approach is to work with world-class partners to develop a highly-customized experience,” Guardtime’s head of cyber operations, Luc Dandurand, said in a statement. “Each sector has its own approach to cybersecurity and its own specific risks. A successful exercise requires drawing on the sector’s leading experts and adapting to its specific perspective to deliver the right tempo against a realistic, engaging background scenario.”

Growing risk

A report by the Chatham House in 2015 said that the risk of a serious cyber attack on civil nuclear infrastructure is growing, as facilities become ever more reliant on digital systems and make increasing use of commercial “off-the-shelf” software. The report found that the trend to digitisation, when combined with a lack of executive-level awareness of the risks involved, means that nuclear plant personnel may not realise the full extent of their cyber vulnerability and are thus inadequately prepared to deal with potential attacks.

Guardtime is an Estonian-founded, Amsterdam-based software security company, founded in 2007.

I

Cover: A nuclear power station in the UK (the image is illustrative).

Enjoyed this article?
Please consider becoming a supporter.


About the author: Sten Hankewitz

Sten Hankewitz is a lifelong journalist and Deputy Editor of Estonian World. Having lived in Estonia, Spain and the UK, he now resides in the United States. He loves to write and besides contributing to Estonian World and some occasional blogging, he writes for other media outlets in Estonia, Israel and elsewhere. He has strong convictions and he shows them unashamedly. You can follow him on Twitter, friend him on Facebook or check out his personal blog. You can write to Sten at sten@estonianworld.com.