Ask SME and Learn. NRC Cyber Security Oversight. Cyber Security Directorate

Size: px

Start display at page:

Download "Ask SME and Learn. NRC Cyber Security Oversight. Cyber Security Directorate"

Gilbert Hart
8 years ago
Views:

1 Ask SME and Learn NRC Cyber Security Oversight Program Mario R. Fernandez Jr., Security Specialist (Cyber) Cyber Security Directorate Office of Nuclear Security & Incident Response 1

2 Agenda Cyber Security Inspection Team Team Composition Training Activities Cyber Security Inspection Schedule Overview of Some Areas of Inspection Oversight Assessment Inspection Trends Security y Issues Forum (SIF) Improvement Trends Communications with the Industry Full Implementation ti Inspections

Oversight Assessment Inspection Trends Security y Issues Forum (SIF)

3 Inspection Team Team Composition Regions Team Leader Regional Inspectors Qualified Inspectors Electrical, Instrumentation &Controls, Security, Plant OPs Contract SMEs NRC Security S i li NRC Headquarters Specialists NSIR Cyber Security Directorate Staff Security Risk Analysts Contract Support Subject Matter Experts Multi-Disciplinary 3

NRC Security S i li NRC Headquarters Specialists NSIR Cyber Security Directorate

4 Inspection Team Training activities Computer & Networks Course (CBT) Cyber Security Course - Idaho National Lab Pilot Inspections Watts Bar, Clinton Inspection Procedure Workshop at each Region All Inspectors Meeting- June

Pilot Inspections Watts Bar, Clinton Inspection Procedure

5 Inspection Team Training activities Core Topics Specialized Training Cyber Security Specialized Training Regulations Regional Inspectors Cyber Security Threats Defensive Strategies Regulatory Guidance Licensing Basis (CSPs) Contractors NRC Regulations Oversight Program Temporary Instruction Cross Training 5

Threats Defensive Strategies Regulatory Guidance Licensing Basis (CSPs)

6 Inspection Team Temporary Instruction 2201/004; Inspection of Interim Milestones Significant Determination Process (SDP) NRC Lead inspector Team Composition Regional Inspector Team Lead Regional Inspector NSIR & CSD Staff Cyber Security Specialist (Contractor) 21 Inspections scheduled in CY 2013 split between all regions 16 Inspections completed NRC inspector HQ Personnel NRC Contractor NRC HQ NRC Available (remotely) to the team as/if needed Support staff 6

Security Specialist (Contractor) 21 Inspections scheduled in CY 2013 split between all regions 16 Inspections

7 Some Areas of Inspection (TI 2001/004 ) Understanding the Cyber Threat Landscape Threat vectors Threat characteristics Hard-wired networks Internet Intranet Wireless Wifi Bluetooth th Mobile media USB thumb drive CD/DVD Portable equipment Laptops Test equipment Motivated Opportunistic Persistent t Adaptive Learning Good at info sharing 7

Wifi Bluetooth th Mobile media USB thumb drive CD/DVD Portable equipment Laptops

8 Some Areas of Inspection (TI 2001/004 ) Establishment of a Cyber Security Assessment Team (CSAT) Identification of Critical Systems (CSs)/Critical Digital Assets (CDAs) Defense-in-Depth and Detection and Response 8

9 Some Areas of Inspection (TI 2001/004) Mobile Media and Device protections Cyber Tampering CDA Use Only Specific CDAs Security Controls Implementation Ongoing Monitoring and Assessments of Security Controls Implemented 9

Specific CDAs Security Controls Implementation Ongoing

10 Oversight Assessment CDA Identification or Scoping Implementation of Defensive Architecture Control of Portable Media & Devices Security Controls for CDAs 10

11 Security Issues Forum (SIF) Weekly Secure Video Conference All Regions & HQ staff discuss cyber security inspection issues Good Faith Attempt Enforcement Discretion The NRC is exercising enforcement discretion in accordance with Section 3.0, Use of Enforcement Discretion, Part 3.5, Violations Involving Special Circumstances, of the NRC Enforcement Policy 11

exercising enforcement discretion in accordance with Section 3.

12 Improvement Trends Better documented CDA Scoping Process Effective implementation of one way communication from level 4 to level 3 Increased Mobile Media and Portable Device protections CDA Use Only Cyber Tampering Rounds & indications 12

level 4 to level 3 Increased Mobile Media and Portable

13 Continued Communications Continued Communications with Industry through calls & meetings Inspector Workshop (June 2013) Industry Workshop Beginning communication with Industry on MILESTONE 8 INSPECTIONS 13

Workshop (June 2013) Industry Workshop Beginning

14 Full Implementation Inspections Full Implementation of the Cyber Security Program (Milestone 8) Meet all the requirements committed in approved Cyber Security Plan Licensees, on a site by site basis, have committed to full implementation late , inspections begin 2015 Inspection of final implementation will initially entail a two week inspection 14

Licensees, on a site by site basis, have committed to full implementation late 2014 2017,

15 Summary Importance of multi-disciplinary Cyber Security Inspection Team Training entails cyber, regulations, pilot inspections Cyber Security Inspection Schedule Overview of Some Areas of Inspection Oversight Assessment Inspection Trends Resolution R l of inspection issues (SIF) Full Implementation Inspections

Inspection Schedule Overview of Some Areas of Inspection Oversight Assessment

16 Questions 16

NRC Cyber Security Policy &

Ask SME and Learn NRC Cyber Security Policy & Guidance Development Mario R. Fernandez Jr., Security Specialist (Cyber) Cyber Security Directorate Office of Nuclear Security & Incident Response 1 Agenda