Most organizations with industrial control systems ICS fall into one of two categories: regulated and non-regulated. For those subject to government imposed regulatory requirements, the selection of a cybersecurity framework is obviously compelling. Such is the case with the nuclear energy industry and NEI The nuclear energy industry is one of the safest industries. It is protected by multiple back-up safety systems, robust physical defenses and plant security forces with rigorous training. Since the September 11 terrorist attacks, the industry has continued to improve its safety systems to prepare for emerging threats such as the impact from a wide-bodied commercial airliner and cyber attacks on critical operational systems.
|Published (Last):||26 November 2019|
|PDF File Size:||6.50 Mb|
|ePub File Size:||13.92 Mb|
|Price:||Free* [*Free Regsitration Required]|
The objectives of the Assessment were to identify key areas for improvement by capturing lessons learned from stakeholders, and to use the Assessment to further inform the outcome of PRM NRC held two public meetings and one closed meeting. Current scoping criteria is focused on protecting CDAs from adverse impact, but many CDAs currently being protected may not pose a risk to public health and safety. Other areas stakeholders identified for improvement included: providing clarification on the scope of digital assets not categorized as CDAs; utilizing controls tailored to an industrial control system environment; and transforming the future cybersecurity inspection program.
Based on the audit findings, OIG recommended that the NRC work to close the critical skill gap for future cybersecurity inspection staffing, and develop and implement cybersecurity performance measures, which licensees can demonstrate sustained program effectiveness. NRC staff stated that a final report of the Assessment is expected to be released in July We will continue to monitor developments and issuances of the final assessment.
Lewis Csedrik , Marissa Hill. To embed, copy and paste the code into your website or blog:. Send Print Report. Morgan Lewis. Lewis Csedrik. Marissa Hill. Published In: Cybersecurity.
Energy Sector. Nuclear Power. Morgan Lewis on:. Sign Up Log in.
NRC Begins Assessment of the Power Reactor Cyber Security Program
Please contact customerservices lexology. The goals of the assessment are to ensure that all licensees have implemented and are complying with 10 CFR For more than a decade, the NRC has addressed cyber threats and has improved programs and oversight for nuclear power plants to identify and protect CDAs. CDAs interconnect plant systems performing safety, security, and emergency preparedness functions and are isolated from the internet. Initial requirements were imposed by orders issued after the September 11, , terrorist attacks. The Regulatory Guide directs licensees to address the potential cyber security risks of CDAs by applying the defensive architecture and the collection of security controls identified in the Regulatory Guide.
What is NEI 08-09?
Build a custom email digest by following topics, people, and firms published on JD Supra.
§ 73.54 Protection of digital computer and communication systems and networks.