ML24038A337

From kanterella
Jump to navigation Jump to search
RIC 2024 Technical Session 8 Slides - Cybersecurity Oversight in a Changing Nuclear Security Landscape
ML24038A337
Person / Time
Issue date: 02/07/2024
From: Kim Lawson-Jenkins, Siddiky T
NRC/NSIR/DPCP/CSB
To:
References
Download: ML24038A337 (10)
v  d  e


Text

RIC 2024 Hybrid U.S. Nuclear Regulatory Commission 36th Annual Regulatory Information Conference MARCH 12-14, 2024 Bethesda North Marriott Hotel and Conference Center Rockville, Maryland

  1. nrcric2024 www.nrc.gov ADAPTING TO A CHANGING LANDSCAPE

RIC 2024 Hybrid U.S. Nuclear Regulatory Commission 36th Annual Regulatory Information Conference MARCH 12-14, 2024

  1. nrcric2024 www.nrc.gov ADAPTING TO A CHANGING LANDSCAPE Kim Lawson-Jenkins Division of Physical and Cyber Security Policy Office of Nuclear Security and Incident Response (NSIR)

Cybersecurity Oversight in a Changing Nuclear Security Landscape

RIC 2024 Hybrid U.S. Nuclear Regulatory Commission 36th Annual Regulatory Information Conference MARCH 12-14, 2024

  1. nrcric2024 www.nrc.gov ADAPTING TO A CHANGING LANDSCAPE

RIC 2024 Hybrid U.S. Nuclear Regulatory Commission 36th Annual Regulatory Information Conference MARCH 12-14, 2024

  1. nrcric2024 www.nrc.gov ADAPTING TO A CHANGING LANDSCAPE Physical Security Y%

Information Security X%

Operational Security Z%

Cybersecurity W%

RIC 2024 Hybrid U.S. Nuclear Regulatory Commission 36th Annual Regulatory Information Conference MARCH 12-14, 2024

  1. nrcric2024 www.nrc.gov ADAPTING TO A CHANGING LANDSCAPE Evidence-Based Risk-Informed Security
  • Risk Analysis of Novel Use of Technology
  • Monitor and Detect
  • Self-Protection LicenseesKnow What You Have
  • Supply Chain
  • Asset Management
  • Configuration Management

RIC 2024 Hybrid U.S. Nuclear Regulatory Commission 36th Annual Regulatory Information Conference MARCH 12-14, 2024

  1. nrcric2024 www.nrc.gov ADAPTING TO A CHANGING LANDSCAPE Cybersecurity Risk Assessment
  • Understand the plant functions affected by the technology
  • Understand the minimum capabilities of the technology to support the identified plant functions
  • Evaluate risks, new attack surfaces and vulnerabilities, and mitigations

RIC 2024 Hybrid U.S. Nuclear Regulatory Commission 36th Annual Regulatory Information Conference MARCH 12-14, 2024

  1. nrcric2024 www.nrc.gov ADAPTING TO A CHANGING LANDSCAPE Evaluate New Risks Update Cybersecurity Policies and Process Implement New Mitigating Controls Monitor Security Controls

RIC 2024 Hybrid U.S. Nuclear Regulatory Commission 36th Annual Regulatory Information Conference MARCH 12-14, 2024

  1. nrcric2024 www.nrc.gov ADAPTING TO A CHANGING LANDSCAPE Cybersecurity Controlsthe toolbox of cybersecurity plans Operational Security Controls Managerial or Administrative Controls Technical Security Controls Defense in depthdetect, respond to, and recover from a cybersecurity attack

RIC 2024 Hybrid U.S. Nuclear Regulatory Commission 36th Annual Regulatory Information Conference MARCH 12-14, 2024

  1. nrcric2024 www.nrc.gov ADAPTING TO A CHANGING LANDSCAPE NRC Cybersecurity Activities Adapting based on lessons learned from inspections during COVID-19 Oversight of licensee self-assessments Participation in preapplication and licensing meetings Working closely with Office of Nuclear Regulatory Research (RES) staff on issues involving the novel use of technologies at nuclear facilities Generating and updating NRC guidance

RIC 2024 Hybrid U.S. Nuclear Regulatory Commission 36th Annual Regulatory Information Conference MARCH 12-14, 2024

  1. nrcric2024 www.nrc.gov ADAPTING TO A CHANGING LANDSCAPE Summary Use of emerging technologies can improve plant safety, security, or operating efficiencies Risk assessments are needed to securely deploy the technology within the plant NRC RES and NSIR staff are working together for the agency to provide effective oversight of the cybersecurity programs
Retrieved from "https://kanterella.com/w/index.php?title=ML24038A337&oldid=3762969"