
Secure by Design: Strengthening Cyber Resilience in Nuclear Facilities

1 June 2026

Defence

Overview

The next 10 years in the UK will see another considerable increase in the number of programmes delivering complex nuclear facilities. New nuclear facilities are increasingly complex due to the convergence of digital and physical systems, with Operational Technology (OT) now deeply integrated with IT; increasingly integrated system-of-systems architectures; and the adoption of big data analytics, including AI. This is creating a larger attack surface for cyber-attacks from increasingly sophisticated threat actors.

In this environment, Secure by Design[1] (SbD) has shifted from best practice to a fundamental requirement for security and resilience of complex facilities.

Why SbD Matters in Nuclear Today

Global cyber threats are rising sharply, and recent incidents across critical infrastructure consistently show the same pattern: For complex nuclear facilities these incidents can affect regulatory compliance, operational safety and national security. Poor early-lifecycle decisions in areas such as identity services, system/data segmentation, software development lifecycle (DevOps) implementation and key management/encryption are introducing unnecessarily large risks that are costly and sometimes impossible to resolve through life.

For complex nuclear facilities, with long asset lifecycles and high consequence environments, these risks are amplified.

In formal written evidence to Parliament, the Office for Nuclear Regulation (ONR) identified systemic issues in UK nuclear cybersecurity including:

  • A deficit of professional cyber expertise, especially among senior and mid‑level staff

  • Challenges in modernising legacy systems

  • The need for outcome‑based, risk‑focused regulation, rather than prescriptive or reactive controls

The direction of travel is clear: security should be embedded into all design decisions through life rather than a late‑stage afterthought, and this can be achieved by following an SbD methodology.

From Reactive to Proactive Security

Traditional “patch and respond” security models have been proven to not work in nuclear environments. Chatham House reports that multiple UK nuclear sites have been placed under “significantly enhanced regulatory attention” by the ONR due to unsatisfactory cybersecurity standards. This includes insecure legacy systems, long‑standing vulnerabilities, and unsafe digital practices.

SbD offers a proactive alternative by embedding resilience into the system from the start of its lifecycle.

That means:

  • Security requirements built into architecture and procurement

  • Security testing factored into verification and validation processes

  • Default secure configurations and policies that reduce operator burden and improve security culture

  • Full visibility of supply chain components

  • Continual assurance and risk monitoring

This mirrors the UK defence sector’s approach, where SbD is treated as a through‑life discipline—from concept to decommissioning.

What Good Secure by Design Looks Like

1. Security embedded into existing Governance Processes

Embedding security into existing governance processes will enable collaboration across teams. It will provide the ability to share security information so that stakeholders can make decisions to ensure that security measures are proportionate, informed by risk assessments, and aligned to a defined risk appetite.

2. Security as a Strategic Enabler
Security activities should be integrated into capability milestones to align with delivery timelines. Reporting from the capability to relevant stakeholders will help ensure transparency, collaboration, and a clear understanding of security outputs and dependencies.

3. Architected for Resilience
Security architecture as a key pillar of design. Built‑in least privilege, robust telemetry, segmented networks, and designs that minimise attack impact, are designed for recovery and are responsive to changing threats.

4. A Capable, Aligned Supply Chain
Clear responsibilities across operators, integrators, and vendors—supported by transparent reporting and shared standards.

5. Proactive Defensive Cyber
Ongoing monitoring, threat‑informed decisions, and adaptive controls to counter evolving adversaries.

In nuclear environments, Secure‑by‑Design is simply no longer optional. It is the foundation of safe operations, regulatory assurance, and therefore national resilience. As the sector continues to modernise, embedding SbD from concept through delivery ensures that digital systems remain trustworthy, dependable, and mission‑ready in an increasingly contested cyber landscape.

Why BMT?

BMT brings a combination of highly qualified independent cyber security consultancy, deep defence engineering expertise, and proven experience supporting complex, safety-critical systems.

1. Independent, expert led cyber security consultancy services

BMT provides comprehensive cyber security consultancy services, including secure system architecture and design, cyber security risk management, cyber vulnerability investigations, cyber threat intelligence, and , core elements of an SbD approach[2]. Through effective engagement and the establishment of strong stakeholder relationships, our services help organisations reduce the risk and impact of cyber-attacks by delivering independent, risk‑informed analysis and practical mitigation strategies, working with customers to provide solutions to complex problems.

This independence is especially important in nuclear, where the UK’s ONR Secure‑by‑Design Technical Assessment Guide emphasises the need for structured, evidence‑backed security submissions throughout design and lifecycle stages.

2. Proven experience across defence, critical infrastructure, and mission‑critical systems

BMT recently celebrated its 40th birthday and has a long‑established background in engineering, science and technology consultancy, with significant experience delivering solutions in defence, security, and critical infrastructure, all domains with regulatory, safety and cyber‑security parallels to nuclear.

Our track record includes working with global defence customers across ships, submarines, land systems, and digital platforms, integrating design, procurement and operational expertise.

3. End‑to‑end lifecycle consultancy aligned with SbD principles

Secure‑by‑Design in nuclear requires a through‑life approach, from concept, design and procurement to operation and decommissioning.
BMT already supports clients across entire asset lifecycles, providing systems engineering, technical assurance, safety engineering, and digital transformation services.  This aligns directly with ONR expectations that SbD integrates into all duty holder submissions, security plans, and lifecycle activities.

4. Deep risk, safety and safeguards expertise

Nuclear Secure‑by‑Design sits at the intersection of safety, security and safeguards (3S). BMT’s extensive heritage in risk management, safety engineering and complex systems design makes us well-equipped to help nuclear operators integrate cyber and security considerations without compromising safety or operational performance.
BMT’s legacy spans high‑hazard and regulated environments, including heavy involvement in defence programmes requiring stringent assurance and safety regimes.

5. Trusted partner model and global presence

As an employee-owned business, BMT positions itself as a trusted and independent advisor, offering practical support tailored to regulatory frameworks and mission-critical needs. Our global footprint and network of qualified consultants enable us to support multi-stakeholder nuclear programmes involving operators, integrators, government bodies, and regulators.

 

[1] SbD enables a culture of proactive risk management and security consideration throughout a capability’s lifecycle by using cyber security principles, roles, processes, tools and techniques to secure systems and data. 

[2] BMT has a long-standing relationship with MOD customers and continues to offer technical advisory and assurance support to the UK Defensive Cyber Operations (DCO) Programme, acting as the interface between projects and Defence Digital Technical Architectures.

 
