Nuclear plants meet deadline for security improvements

The main trade organization for the U.S. nuclear industry announced Friday that all 103 U.S. nuclear power plants have implemented increased security measures in response to changes made by the Nuclear Regulatory Commission as to the type of terrorist threat plants must be able to defend against.

There are concerns, though, regarding the commission's ability to review the new security plans in place at U.S. nuclear plants and regarding plans by the nuclear industry to use private contractors to conduct mock attacks to evaluate security efforts.

In April 2003, the NRC ordered that all U.S. nuclear plants have in place by Oct. 29, 2004 new security plans to reflect changes made by the commission to the Design Basis Threat - the size and type of a potential terrorist force nuclear plants must be able to defend against. While details of the new DBT are classified, NRC spokesman Dave McIntyre said Monday that the threat was revised to reflect the new security threat following the Sept. 11, 2001, terrorist attacks.

Over the past 18 months, U.S. nuclear plants have implemented a number of new security measures, according to the Nuclear Energy Institute, such as increased guard forces and training, "substantial" physical improvements to defend against car bombs and the creation of a "rigorous" mock attack regime to evaluate security plans. Since 2001, the U.S. nuclear industry has spent more than $1 billion on efforts to improve security, the institute said in a press release.

"These security enhancements will continue to make nuclear power plants the most secure industrial facilities in America," NEI Chief Nuclear Office Marvin Fertel said in a statement.

In September, however, the Government Accountability Office raised concerns over the NRC's ability to adequately evaluate the new security plans in place at nuclear power plants.

In testimony before a House Government Reform subcommittee, senior GAO official Jim Wells described the commission's efforts to evaluate new plant security plans as largely a "paper review" that was not detailed enough to adequately determine whether the plans could defend against the new design basis threat. For example, Wells told lawmakers that GAO officials found that plant security plans were often based on a template and lacked site-specific information.

McIntyre dismissed GAO's criticisms of the commission's security review efforts, saying they were "way off the mark."

"It's a hand's on, day-in, day-out inspection process," he said.

Concerns also have been raised over the NRC's plans to rely on mock attack exercises to evaluate the new security plans, with the GAO saying in September that it will take three years for such exercises to be conducted at all plants.

NEI also came under fire this summer for its decision to hire the Wackenhut Corp. security company to train and manage two permanent adversarial teams that would be used in the mock attack exercises because the company also provides security personnel for about half of U.S. nuclear plants.

Both the NRC and NEI have defended plans to use Wackenhut personnel in the mock attack exercises, noting the experience the company has in providing nuclear plant security and the strict scrutiny to which the exercises will be subjected.

In its statement Friday, NEI called for increased focus to be placed on efforts to integrate police and emergency responders with nuclear plant security forces. To help such efforts, a Nuclear Sector Government Coordinating Council, consisting of industry and government officials, has been created and held its first meeting earlier this month, NEI said.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.