Foreign hackers breached a US nuclear weapons plant via SharePoint flaws

> needs to be a law that all nuclear and nuclear-adjacent facilities have no connection to the Internet

You want to make everything about a nuclear facility bespoke and subject to air-gapped drift? What about the guard booth that verifies peoples access, the receptionist who schedules meetings, and the janitor who wants to watch YouTube on his break? It seems unrealistic to lump everything that goes on at a nuclear facility under this umbrella.

Opening up the internet to a nuclear facility so that the janitor can watch Youtube seems preposterous. People can afford to do things slower for the sake of security. Having things typed out, verifying security via phone calls, etc like it's the 1970s seems reasonable to me. Does it really matter if things aren't fully optimized for speed and convenience in nuclear facilities?

> really matter if things aren't fully optimized for speed and convenience in nuclear facilities

For hiring and retaining people, yes. It's understood that the "guts" of what's happening at these facilities needs to be locked down to the max. But, for supporting roles you need to be able to bring people in off the street without 1) a bunch of specialized training on your bespoke way of doing things, and 2) making your employees less attractive on the job market.

Just my opinion, though. Maybe I'm completely off base but it doesn't seem like a good idea to me long-term.

IRL the way we do it is separating the business network (Youtube, finance people, HR, etc.) from the operational network (relays and sensors). You use data diodes to send business-critical data from the operational network to the business network.

Also, the Kansas City Plant is like a watchmaker's factory, not a power plant. They make widgets and gewgaws, not literally split atoms.