There is no nuclear infrastructure now in Sri Lanka, but that nation will have a significant impact on the future of nuclear security. That is because, in the wake of the horrific terrorist attacks on its churches and hotels, former Admiral James Stavridis has declared that the world is now facing Terrorism 3.0. That means that global nuclear security policies and approaches need to be rebooted to Nuclear Security 3.0 to match the threat.

Stavridis notes that Terrorism 3.0 is defined as “globally dispersed, highly lethal, financially capable, deeply innovative,” effectively using the internet to organize, and “seeking over time to obtain weapons of mass destruction” including cyber and radiological.

This danger is paired with dramatic innovation in weapons delivery technology. If the battlefield of the future will be defined by “swarms of intelligent machines [delivering] violence at greater volume and high velocity than ever before,” then it can be projected that some of that technology will become available to terrorist organizations over time.

The nuclear security issue at its core is about preventing at nuclear facilities outsider attacks, insider sabotage and terrorist access to fissile and radiological materials. Each of those objectives is under stress from these terrorist and technological evolutions.

The cybersecurity challenge in the nuclear field is already well established, and while steps are being taken to address it, they are slow, reactive, and uneven. If swarms of intelligent machines deliver high-velocity violence in the future, it is not clear that the protective forces at nuclear facilities will be prepared for this, especially those that rely on local police as the response force. As small, geographically dispersed nuclear reactors make their way onto the electricity grid of developing nations, they must be adequately protected from potential terrorist exploitation.

The U.S. spearheaded a 50 plus heads-of-state Nuclear Security Summit process from 2010-16 to strengthen global nuclear security. Unfortunately, none of these issues – cybersecurity, intelligent machine weapon delivery, or advanced reactors - were on the agenda. This is a testament to how quickly the nuclear and technology environment is evolving. But it also was significantly influenced by the reluctance of the participating nations to move beyond prevailing nuclear threat profiles and protection standards. There was a severe lack of imagination and political courage.

The summits ended with a bridge to nowhere, and predictably the nuclear security issue has dropped like a rock on the global security priority list. The global security system largely remains a patchwork of uneven effectiveness governed by national regulations.

Like the protection of all vulnerable critical infrastructure, the nuclear security chain is only as strong as its weakest link. As the nuclear power environment evolves, with more floating reactors, deployments in contested territories, and remote siting of small reactors, new nuclear security challenges will arise.

The absence of U.S. leadership in response to these major evolutions is extremely problematic. Its main competitors, Russia and China, are not enthusiastic about highlighting potential vulnerabilities resulting from their technology. The global nuclear watchdog, the International Atomic Energy Agency, is hamstrung by the need for consensus among its members to make major security changes, and even those are non-binding.

If terrorism 3.0 is now a reality then we need to advance to nuclear security 3.0, and quick.

Kenneth Luongo, President, Partnership for Global Security