ML22327A138
ML22327A138 | |
---|---|
Issue date: | 12/06/2022 |
From: | Tammie Rivera NRC/NSIR/DPCP/CSB |
To: | Brian Yip Office of Nuclear Security and Incident Response |
Shared Package: | ML22327A119 |
References: | ML22327A119 |
Text
December 6, 2022

MEMORANDUM TO: Brian M. Yip, Chief
Cyber Security Branch
Division of Physical and Cyber Security Policy
Office of Nuclear Security and Incident Response

FROM: Tammie N. Rivera, IT Specialist (Cyber)
Cyber Security Branch
Division of Physical and Cyber Security Policy
Office of Nuclear Security and Incident Response
(Signed by Rivera, Tammie on 12/06/22)

SUBJECT: SUMMARY OF OCTOBER 13, 2022, PUBLIC MEETING TO DISCUSS THE 2022 CYBERSECURITY INSPECTIONS LESSONS LEARNED

On October 13, 2022, the U.S. Nuclear Regulatory Commission (NRC) held a partially closed meeting to discuss lessons learned and trends identified from the 2022 cybersecurity inspections conducted using revised Inspection Procedure (IP) 71130.10, Cyber Security, dated January 2022 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML21155A209). The meeting notice, dated September 27, 2022, is available at ML22284A122. The meeting was conducted with an open and closed session. Approximately 150 NRC staff, industry representatives, and members of the public attended the meeting.
The NRC conducted the first biennial baseline cybersecurity inspection under revised IP 71130.10 in February of 2022. The IP was revised to evaluate maintenance of licensees' fully implemented cybersecurity programs, as well as changes to the licensees' critical systems and critical digital assets (CDA). The purpose of this meeting was to discuss lessons learned and trends identified from the 2022 cybersecurity inspections conducted under IP 71130.10 and to provide members of the public an opportunity to ask questions and provide feedback. The open session focused on the logistics of the inspection and the inspection process, while the closed session of the meeting addressed security-related information, questions, and comments related to the specifics of the program implementation and inspection activities.
Following the introductory remarks of the open session, NRC staff presented lessons learned which focused on the inspection process of inspections conducted from January through September 2022. The staff also discussed efforts to develop potential alternative options for evaluating licensee cyber mitigative strategies during the cybersecurity baseline inspection program. During the presentation (ML22286A036), NRC staff described the four potential options for evaluating cyber incident response and mitigative strategies developed as potential alternatives to include for cyber in force on force exercises. The staff noted that it would seek additional stakeholder input before implementing any options, should the Commission direct the staff to pursue them.

CONTACT: Tammie Rivera, NSIR/DPCP 301-415-2376
During the open session, NRC staff discussed lessons learned and other observations which focused on logistics and how the inspections were conducted. NRC staff remarked that inspectors found it very helpful to forward pre-entrance questions ahead of the inspection team's arrival on-site, which provides licensees the flexibility to find the right person or persons to address questions and plan adequate resources to support the inspections. Also, NRC staff discussed adjustments that have been made to the 1-week inspection schedule to allow virtual entrance and exit meetings. Despite these changes, some inspectors have found that they have been required to disposition some issues after the onsite inspection week if the licensee required additional time to gather the information needed to resolve the issue of concern. Other observations noted were the importance of complete, accurate, and well-documented CDA assessments, which provide an overview of the health of the program, as well as the importance of knowledgeable and competent licensee points of contact for the inspection team. One participant from the public asked whether the virtual entrance and exit meetings were voluntary.
The NRC staff noted this is voluntary and should be coordinated between the site and inspection team lead.
The NEI representative commented they appreciated the opportunity to provide feedback and explore additional opportunities for efficient and effective cyber security inspections. The NRC staff concluded the open session and immediately started the closed session of the meeting.
The closed session summary is provided as a separate non-public enclosure given the sensitivity of the security-related information discussed.
Enclosures:
1. Open session presentation
2. Closed session presentation
3. List of participants
ML22327A119; ML22327A138

OFFICE | RES/DRA/PRAB | NSIR/DPCP/CSB | RES/DRA/PRAB |
---|---|---|---|
NAME | TRivera TR | BYip BY | TRivera TR |
DATE | Nov 27, 2022 | Dec 6, 2022 | Dec 6, 2022 |