ML101550052
| ML101550052 | |
| Person / Time | |
|---|---|
| Site: | Nuclear Energy Institute |
| Issue date: | 06/07/2010 |
| From: | Correia R NRC/NSIR/DSP/DDMS/MWISB |
| To: | Earls C Nuclear Energy Institute |
| Johnston, Nash, NSIR/DSP 301-415-6769 | |
| Shared Package | |
| ML101550069 | List: |
| References | |
| Download: ML101550052 (2) | |
Text
June 7, 2010 Mr. Christopher E. Earls, Director Nuclear Energy Institute 1776 I Street, NW, Suite 400 Washington, DC 20006
SUBJECT:
NUCLEAR ENERGY INSTITUTE 08-09, CYBER SECURITY PLAN TEMPLATE, REV. 6
Dear Mr. Earls:
In your letter dated June 2, 2010, you requested that the U.S. Nuclear Regulatory Commissions (NRC) staff review and approve by letter the following definition for cyber attack:
Any event in which there is reason to believe that an adversary has committed or caused, or attempted to commit or cause, or has made a credible threat to commit or cause malicious exploitation of a CDA."
Based on a technical review of the definition, the NRC staff concludes that it is acceptable. We understand that the above definition for cyber attack will be included in a future revision of Nuclear Energy Institute (NEI) 08-09 and that licensees may choose to incorporate this definition in their submittals of cyber security plans based on NEI 08-09, Revision 6.
Should you or your staff have any questions, please contact Craig Erlanger at (301) 415-5374 or Eric Lee at (301) 415-8099.
Sincerely, Richard P. Correia, Director /RA M. Layton for/
Division of Security Policy Office of Nuclear Security and Incident
Response
June 7, 2010 Mr. Christopher E. Earls, Director Nuclear Energy Institute 1776 I Street, NW, Suite 400 Washington, DC 20006
SUBJECT:
NUCLEAR ENERGY INSTITUTE 08-09, CYBER SECURITY PLAN TEMPLATE, REV. 6
Dear Mr. Earls:
In your letter dated June 2, 2010, you requested that the U.S. Nuclear Regulatory Commissions (NRC) staff review and approve by letter the following definition for cyber attack:
Any event in which there is reason to believe that an adversary has committed or caused, or attempted to commit or cause, or has made a credible threat to commit or cause malicious exploitation of a CDA."
Based on a technical review of the definition, the NRC staff concludes that it is acceptable. We understand that the above definition for cyber attack will be included in a future revision of Nuclear Energy Institute (NEI) 08-09 and that licensees may choose to incorporate this definition in their submittals of cyber security plans based on NEI 08-09, Revision 6.
Should you or your staff have any questions, please contact Craig Erlanger at (301) 415-5374 or Eric Lee at (301) 415-8099.
Sincerely, Richard P. Correia, Director /RA M. Layton for/
Division of Security Policy Office of Nuclear Security and Incident
Response
DISTRUBUTION:
DSP reading file ADAMS ACCESSION NUMBER: ML101550052 ADAMS PACKAGE NUMBER: ML101550069 OFFICE NSIR/DSP/ISCPB NSIR/DSP/ISCPB NSIR/DSP/ISCPB/BC NSIR/DSP NAME N. Johnston M. Coflin C. Erlanger R. Correia DATE 6/04/2010 6/04/2010 06/04/2010 06/07/2010 OFFICAL RECORD COPY