ML22286A036
| Person / Time | |
|---|---|
| Issue date: | 10/13/2022 |
| From: | Tammie Rivera NRC/NSIR/DPCP/CSB |
2022 Cybersecurity Inspections Lessons Learned
Tammie Rivera, Cyber Security Specialist
Cyber Security Branch
Division of Physical and Cyber Security Policy
Office of Nuclear Security and Incident Response
Public Meeting (Open Session)
October 13, 2022 1:00 - 3:00 P.M.
Topics
- Cyber inspections alternative options from cyber in FOF SECY
- Background
- Discuss lessons learned and other observations
- Comments and feedback
Alternate Options - Being Considered
For cyber in FOF paper, staff considered alternatives that focused on the baseline cyber inspection:
1. Revise inspection procedure for more in-depth evaluation of specific mitigation strategy areas
2. Use of performance-based models such as a Test Bed that models a licensee's network
3. Potential for a graded cyber attack incident response exercise (similar to EP evaluated exercise)
4. Vendor inspections

Staff would seek additional stakeholder input before recommending/implementing any options related to the cyber baseline inspection.
Key Messages
- Staff identified lessons learned and trends from the 2022 cybersecurity inspections.
- Focused on the inspection activities from January through September 2022.
- This effort will support identification of any actions needed to ensure efficiency and effectiveness of future inspections.
Background
- Objectives of IP 71130.10
  1. To provide assurance that digital equipment associated with safety, security, or emergency preparedness (SSEP) functions is adequately protected against cyber-attacks in accordance with 10 CFR 73.54 and the licensee's approved cyber security plan (CSP).
  2. To verify that CSP changes and reports are in accordance with 10 CFR 50.54(p).
Background Continued
ROP baseline cyber inspections 2022
- IP 71130.10 revised to reflect baseline inspection objectives
- Biennial baseline inspections started Feb 2022
- Evaluate changes to the program, critical systems, and CDAs
Lessons Learned - Inspection Process
- Forwarding questions to the licensee prior to arrival of the inspection team
- One week inspection results in a tight onsite inspection schedule
- Issues often dispositioned after inspection week
- Entrance and exit meetings conducted virtually
Other Observations
- CDA assessments:
  - Complete, accurate, and well-documented CDA assessments are essential
  - Provide the inspectors a good picture of the health of the program and minimize raising questions
- Knowledgeable and competent cyber team is critical to a successful, effective, and efficient inspection
Meeting Feedback & POCs
To submit feedback and comments please:
- Navigate to this meeting on the NRC Public Meeting Schedule
- Click the Meeting Feedback Form link

Meeting POCs: Tammie Rivera and Mario Fernandez
Tammie.Rivera@nrc.gov and Mario.Fernandez@nrc.gov
Cyber Security Branch
Division of Physical and Cyber Security Policy
Office of Nuclear Security and Incident Response