On 15 January 2026, the Vienna Center for Disarmament and Non-Proliferation (VCDNP) held a webinar to discuss the impact on nuclear security from the Internet of Things (IoT) and AI, exploring how risks could be mitigated while also recognising the opportunities these technologies may offer for nuclear facilities.The report draws on discussions held during a two-day brainstorming workshop in October 2025.
The webinar opened with remarks from VCDNP Executive Director Elena Sokova that highlighted how the digital transformation is impacting our day-to-day lives and the nuclear industry. Ms. Sokova emphasised that a wide range of devices are now equipped with IoT capabilities, including some installed or planned for installation in nuclear facilities. The combination of IoT and artificial intelligence (AI) could offer benefits to nuclear facilities, however, also could result in novel and increased nuclear security vulnerabilities that will need to be managed.
Following the introduction, VCDNP Senior Fellow Dr. Sarah Case Lackner presented key findings on the intentional integration of industrial Internet of Things (IIoT) devices and AI models and systems in nuclear facilities. She highlighted the nuclear security risks associated with these technologies that would need to be managed, including increased cybersecurity vulnerabilities, data protection and data sovereignty concerns, AI-specific vulnerabilities that could introduce novel attack vectors, the importance of human factors, and risks arising at the intersection of safety and security systems.
VCDNP Research Associate Mara then presented the report’s findings on broadly available and accessible consumer IoT devices and commercial AI technologies. She explained how these tools could be misused by malicious actors to enhance their capabilities and support the planning and execution of an attack. Ms. Zarka highlighted that the number of IoT-enabled devices is likely to increase in the coming years. While the cybersecurity risks associated with IoT devices are largely already known to cybersecurity professionals, managing them remains challenging. A particular concern is how the combination of IoT devices and AI offers new pathways for a successful cyberattack.
The presentation concluded with four recommendations directed primarily at policymakers, regulators, operators, and international organisations.
During the subsequent Q&A session, the impact of emerging technologies on the nuclear supply chain, mitigating insider threats, and cybersecurity vulnerabilities were discussed.
The VCDNP extends its gratitude to Global Affairs Canada for its generous support of the webinar, report, and October brainstorming workshop.
The recording from the side event is available below.

