ML22286A036

2022 Cybersecurity Inspections Lessons Learned - Open - Revision 1
ML22286A036
Person / Time
Issue date: 10/13/2022
From: Tammie Rivera
NRC/NSIR/DPCP/CSB
To:
Rivera T


Text

2022 Cybersecurity Inspections Lessons Learned Public Meeting (Open Session)

October 13, 2022 1:00 - 3:00 P.M.

Tammie Rivera, Cyber Security Specialist Cyber Security Branch Division of Physical and Cyber Security Policy Office of Nuclear Security and Incident Response

Topics

  • Cyber inspections alternative options from cyber in FOF SECY
  • Background
  • Discuss lessons learned and other observations
  • Comments and feedback

Alternate Options - Being Considered

For the cyber in FOF paper, staff considered alternatives that focused on the baseline cyber inspection:

1. Revise inspection procedure for more in-depth evaluation of specific mitigation strategy areas
2. Use of performance-based models such as a Test Bed that models a licensee's network
3. Potential for a graded cyber attack incident response exercise (similar to EP evaluated exercise)
4. Vendor inspections

Staff would seek additional stakeholder input before recommending/implementing any options related to the cyber baseline inspection.


Key Messages

  • Staff identified lessons learned and trends from the 2022 cybersecurity inspections.
  • Focused on the inspection activities from January through September 2022.
  • This effort will support identification of any actions needed to ensure efficiency and effectiveness of future inspections.


Background

1. To provide assurance that digital equipment associated with safety, security, or emergency preparedness (SSEP) functions is adequately protected against cyber-attacks in accordance with 10 CFR 73.54 and the licensee's approved cyber security plan (CSP).
2. To verify that CSP changes and reports are in accordance with 10 CFR 50.54(p).


Background Continued

  • ROP baseline cyber inspections 2022

- IP 71130.10 revised to reflect baseline inspection objectives

- Biennial baseline inspections started Feb 2022

- Evaluate changes to the program, critical systems, and CDAs

Lessons Learned - Inspection Process

  • Forwarding questions to the licensee prior to arrival of the inspection team
  • One-week inspection results in a tight onsite inspection schedule

- Issues often dispositioned after inspection week

- Entrance and exit meetings conducted virtually

Other Observations

  • CDA assessments:

- Complete, accurate, and well-documented CDA assessments are essential

- Provide the inspectors with a good picture of the health of the program and minimize the questions raised

  • A knowledgeable and competent cyber team is critical to a successful, effective, and efficient inspection

Meeting Feedback & POCs

To submit feedback and comments, please:

  • Navigate to this meeting on the NRC Public Meeting Schedule