Ask SME and Learn. NRC Cyber Security Oversight. Cyber Security Directorate

Transcription

1 Ask SME and Learn NRC Cyber Security Oversight Program Mario R. Fernandez Jr., Security Specialist (Cyber) Cyber Security Directorate Office of Nuclear Security & Incident Response 1

2 Agenda Cyber Security Inspection Team Team Composition Training Activities Cyber Security Inspection Schedule Overview of Some Areas of Inspection Oversight Assessment Inspection Trends Security y Issues Forum (SIF) Improvement Trends Communications with the Industry Full Implementation ti Inspections

3 Inspection Team Team Composition Regions Team Leader Regional Inspectors Qualified Inspectors Electrical, Instrumentation &Controls, Security, Plant OPs Contract SMEs NRC Security S i li NRC Headquarters Specialists NSIR Cyber Security Directorate Staff Security Risk Analysts Contract Support Subject Matter Experts Multi-Disciplinary 3

4 Inspection Team Training activities Computer & Networks Course (CBT) Cyber Security Course - Idaho National Lab Pilot Inspections Watts Bar, Clinton Inspection Procedure Workshop at each Region All Inspectors Meeting- June

5 Inspection Team Training activities Core Topics Specialized Training Cyber Security Specialized Training Regulations Regional Inspectors Cyber Security Threats Defensive Strategies Regulatory Guidance Licensing Basis (CSPs) Contractors NRC Regulations Oversight Program Temporary Instruction Cross Training 5

6 Inspection Team Temporary Instruction 2201/004; Inspection of Interim Milestones Significant Determination Process (SDP) NRC Lead inspector Team Composition Regional Inspector Team Lead Regional Inspector NSIR & CSD Staff Cyber Security Specialist (Contractor) 21 Inspections scheduled in CY 2013 split between all regions 16 Inspections completed NRC inspector HQ Personnel NRC Contractor NRC HQ NRC Available (remotely) to the team as/if needed Support staff 6

7 Some Areas of Inspection (TI 2001/004 ) Understanding the Cyber Threat Landscape Threat vectors Threat characteristics Hard-wired networks Internet Intranet Wireless Wifi Bluetooth th Mobile media USB thumb drive CD/DVD Portable equipment Laptops Test equipment Motivated Opportunistic Persistent t Adaptive Learning Good at info sharing 7

8 Some Areas of Inspection (TI 2001/004 ) Establishment of a Cyber Security Assessment Team (CSAT) Identification of Critical Systems (CSs)/Critical Digital Assets (CDAs) Defense-in-Depth and Detection and Response 8

9 Some Areas of Inspection (TI 2001/004) Mobile Media and Device protections Cyber Tampering CDA Use Only Specific CDAs Security Controls Implementation Ongoing Monitoring and Assessments of Security Controls Implemented 9

10 Oversight Assessment CDA Identification or Scoping Implementation of Defensive Architecture Control of Portable Media & Devices Security Controls for CDAs 10

11 Security Issues Forum (SIF) Weekly Secure Video Conference All Regions & HQ staff discuss cyber security inspection issues Good Faith Attempt Enforcement Discretion The NRC is exercising enforcement discretion in accordance with Section 3.0, Use of Enforcement Discretion, Part 3.5, Violations Involving Special Circumstances, of the NRC Enforcement Policy 11

12 Improvement Trends Better documented CDA Scoping Process Effective implementation of one way communication from level 4 to level 3 Increased Mobile Media and Portable Device protections CDA Use Only Cyber Tampering Rounds & indications 12

13 Continued Communications Continued Communications with Industry through calls & meetings Inspector Workshop (June 2013) Industry Workshop Beginning communication with Industry on MILESTONE 8 INSPECTIONS 13

14 Full Implementation Inspections Full Implementation of the Cyber Security Program (Milestone 8) Meet all the requirements committed in approved Cyber Security Plan Licensees, on a site by site basis, have committed to full implementation late , inspections begin 2015 Inspection of final implementation will initially entail a two week inspection 14

15 Summary Importance of multi-disciplinary Cyber Security Inspection Team Training entails cyber, regulations, pilot inspections Cyber Security Inspection Schedule Overview of Some Areas of Inspection Oversight Assessment Inspection Trends Resolution R l of inspection issues (SIF) Full Implementation Inspections

16 Questions 16