IAEA Division of Nuclear Security
|
|
- Clyde Miller
- 5 years ago
- Views:
Transcription
1 IAEA Division of Nuclear Security Computer Security Activities Overview Donald Dudenhoeffer 25 May 2017
2 Computer and Information Security The Division of Nuclear Security (NSNS) seeks to support Member States in enhancing their computer security with their nuclear security regime. Focused on preventing malicious computer acts that could directly or indirectly lead to: unauthorized removal of nuclear/ other radioactive material sabotage against nuclear material or nuclear facilities theft of sensitive nuclear information 2
3 Protection of Sensitive Information Convention on the Physical Protection of Nuclear Material (CPPNM) Amendment Fundamental Principle L: Confidentiality The State should establish requirements for protecting the confidentiality of information, the unauthorized disclosure of which could compromise the physical protection of nuclear material and nuclear facilities. Entered into force on 8 May
4 IAEA Basis - Computer Security Nuclear Security Series No 13 (INFCIRC/225/Revision 5) Computer based systems used for physical protection, nuclear safety, and nuclear material accountancy and control should be protected against compromise (e.g. cyber attack, manipulation or falsification) consistent with the threat assessment or design basis threat. 4
5 Future Activities 2017 Action Areas NSS guidance development (NST057, NST045, NST047) Computer security support for advisory missions Coordinated research programme (continuation) Computer security regulation models and lessons learned Computer security for the supply chain Regional and national level capacity development (training and education support) 2018 and Beyond International Training Course on Computer Security (2 week ITC) International Conference on Computer Security (2020) Computer security assurance and evaluation activities (exercises, metrics, etc. ) Regional and national level capacity development distance learning and information exchange 5
6 Information and Computer Security for Nuclear Security IAEA Publications: Nuclear Security Series Documents & Others NSS 20 Objective and essential of a State s nuclear security regime NSS Recommendations NSS 13 Nuclear Material and Nuclear Facilities NSS 14 - Radioactive Material and Associated Facilities NSS 15 Nuclear and other Radioactive MORC NSS Computer Security Implementing Guides NSS 23-G - Security of Nuclear Information (2012) NST045 (2017 est) - Computer Security for Nuclear Security NSS Computer Security Technical Guides NSS 17 - Computer Security Nuclear Facilities (2011) NST047 (2018 est) Computer Security Techniques for Nuclear Facilities NST036 (Completed Print 2016) Computer Security for I&C Systems at Nuclear Facilities Application in Grade Approach Application in Grade Approach Application in Grade Approach Documents Outside Nuclear Security Series Conducting Computer Security Assessments (2016) Incident Response Planning for Computer Security Events (2016) 6
7 Completed MS Review NST 045 Computer Security for Nuclear Security Implementing Level Guidance NST045 spans NSS13, 14, and 15 Focuses on computer security responsibilities across competent authorities, operators, and other entities in a nuclear security regime. Status in 120 Day MS Review
8 Sensitive Digital Assets
9 MS Review Q NST047 Computer Security Techniques for Nuclear Facilities Technical Guidance Focus is NSS13 (Nuclear Facilities) Interfaces with NST045 and NST036 Follows lifecycle of facility Provides guidance on: Use of risk-informed approaches Implementation of graded approach Assignment of any system type to a specific security level Status Submitted to NSCG for 120 Day Review Approval
10 Computer Security Training Primary Training Courses 1. Basic Information and Computer Security Awareness 2. Conducting Computer Security Assessments (new 2013) 3. Advanced Course in Information and Computer Security (new 2014) 4. Computer Security for Nuclear Industrial Control Security (ICS) and Instrumentation and Control (I&C) Systems (2016) 5. International Training Course on Computer Security (2 week ITC) (Proposed for 2018) 10
11 Cyber Security User s Group IAEA s information portal for cyber security 11
12 2017 IAEA Security Conference International Conference on Physical Protection of Nuclear Materials and Nuclear Facilities November 2017, IAEA HQ Purpose - To foster the exchange, among competent authorities, facility operators, shippers and carriers, and technical support organizations, of information, practices and experiences related to the physical protection of nuclear material and facilities, including nuclear material in transport. > Technical Session on Computer Security Conference website: www-pub.iaea.org/iaeameetings/50819/international-conference-on-physical-protection-of-nuclear-material-and-nuclear-facilities 12
13 Questions Donald D. Dudenhoeffer Nuclear Security Information Officer International Atomic Energy Agency Vienna International Centre A-1400 Wien Austria Tel: +43 (1) Fax: +43 (1)
International Atomic Energy Agency Meeting the Challenge of the Safety- Security Interface
Meeting the Challenge of the Safety- Security Interface Rhonda Evans Senior Nuclear Security Officer, Division of Nuclear Security Department of Nuclear Safety and Security Outline Introduction Understanding
More informationGATES, GUARDS, GUNS AND GEEKS: The Changing Face of Nuclear Security and the IAEA s Leading Role in Promoting Computer Security for Nuclear Facilities
GATES, GUARDS, GUNS AND GEEKS: The Changing Face of Nuclear Security and the s Leading Role in Promoting Computer Security for Nuclear Facilities Presented by: Donald D. Dudenhoeffer International Atomic
More informationNuclear power aspects ITU/ENISA Regional Conference on Cybersecurity, Sofia
Nuclear power aspects ITU/ENISA Regional Conference on Cybersecurity, Sofia Guido Gluschke November 30, 2016 Technische Hochschule Brandenburg University of Applied Sciences 1 Introduction Guido Gluschke
More informationExpert support and Reach back activities
GICNT- Nuclear Detection Working Group Magic Maggiore Ispra 28 March 2017 Expert support and Reach back activities Thierry PELLETIER Nuclear Security Division Safety and Security department International
More informationIAEA Perspective: The Framework for the Security of Radioactive Material and Associated Facilities
59 th General Conference Senior Regulators Meeting Security Session 16 September 2015 IAEA Perspective: The Framework for the Security of Radioactive Material and Associated Facilities Khammar Mrabit Director,
More informationNuclear Security. Resolution adopted on 30 September 2016 during the tenth plenary meeting
General Conference GC(60)/RES/10 Date: September 2016 General Distribution Original: English Sixtieth regular session Item 14 of the agenda (GC(60)/20) Nuclear Security Resolution adopted on 30 September
More informationOFFICIAL COMMISSIONING OF SECURITY SYSTEMS AND INFRASTRUCTURE
Title of document ONR GUIDE COMMISSIONING OF SECURITY SYSTEMS AND INFRASTRUCTURE Document Type: Unique Document ID and Revision No: Nuclear Security Technical Assessment Guide CNS-TAST-GD-4.4 Revision
More informationA Nuclear Security Regime in Japan: Enhancement Efforts & Global Contributions
A Nuclear Security Regime in Japan: Enhancement Efforts & Global Contributions High Level Session 6: Satoru TANAKA Commissioner Nuclear Regulation Authority (NRA) Japan 1 International Conference on Nuclear
More informationJoint ICTP-IAEA School of Nuclear Energy Management November 2012
2374-20 Joint ICTP- School of Nuclear Energy Management 5-23 November 2012 Establishing National Nuclear Security Infrastructure (Module 9 Topics 3 & 4) EVANS Rhonda International Atomic Energy Agency,
More informationWorkshop on Threat Assessment and Design Basis Threat (DBT) Session 6 Developing and Maintaining a DBT
Workshop on Threat Assessment and Design Basis Threat (DBT) Session 6 Developing and Maintaining a DBT Based on Chapter 6 of the IAEA Nuclear Security Series No.10 Implementing Guide Developing a DBT Learning
More informationGUIDANCE ON THE SECURITY ASSESSMENT OF GENERIC NEW NUCLEAR REACTOR DESIGNS
Title of document ONR GUIDE GUIDANCE ON THE SECURITY ASSESSMENT OF GENERIC NEW NUCLEAR REACTOR DESIGNS Document Type: Unique Document ID and Revision No: Nuclear Security Technical Assessment Guide Revision
More informationImplementation of INFCIRC 901: Promoting Certification, Quality Management and Sustainability of Nuclear Security Training
Implementation of INFCIRC 901: Promoting Certification, Quality Management and Sustainability of Nuclear Security Training Rhonda Evans Head, WINS Academy Presentation to the IAEA International Conference
More informationNuclear Safety and Security in Brief
Nuclear Safety and Security in Brief Elena Buglova Centre Head Incident and Emergency Centre (IEC) International Atomic Energy Agency Department of Nuclear Safety and Security: http://www-ns.iaea.org/default.asp
More informationImplementation of Computer Security Measures into existing Physical Protection Strategies in Germany
Implementation of Computer Security Measures into existing Physical Protection Strategies in Germany (IAEA-CN-254-123) J. U. Büttner (BMUB), A. Lochthofen (GRS) International Conference on Physical Protection
More informationPREVENTIVE AND PROTECTIVE MEASURES AGAINST INSIDER THREATS
NUCLEAR SECURITY SERIES NO. XX NST01 DRAFT, November 01 STEP : Submission to MS for comment Interface Document: NSGC, all SSCs PREVENTIVE AND PROTECTIVE MEASURES AGAINST INSIDER THREATS (REVISION OF NUCLEAR
More informationStatus of Cyber Security Implementation at Canadian NPPs
Status of Cyber Security Implementation at Canadian NPPs Chul Hwan Jung Technical Specialist Systems Engineering Division (CNSC) Korean Nuclear Society Conference Jeju, Korea, May 11 13, 2016 e-docs 4982091
More informationIntegrating Nuclear Safety and Security: Operational and Policy Perspectives
Integrating Nuclear Safety and Security: Operational and Policy Perspectives Sharon Squassoni Senior Fellow & Director Proliferation Prevention Program Integrating Nuclear Safety & Security Workshop Johns
More informationR. A. Onoja (P.hD., CNSP) Center for Energy Research and Training, Ahmadu Bello University Zaria, Nigeria.
R. A. Onoja (P.hD., CNSP) Center for Energy Research and Training, Ahmadu Bello University Zaria, Nigeria. raonoja@yahoo.com Introduction CERT Services Physical protection system in Nigeria HEU conversion
More informationOFFICIAL ONR GUIDE PROTECTION OF NUCLEAR TECHNOLOGY AND OPERATIONS. CNS-TAST-GD-7.3 Revision 0. New document issued TABLE OF CONTENTS
Title of document ONR GUIDE PROTECTION OF NUCLEAR TECHNOLOGY AND OPERATIONS Document Type: Unique Document ID and Revision No: Nuclear Security Technical Assessment Guide CNS-TAST-GD-7.3 Revision 0 Date
More informationNATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium
NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium Securing Cyber Space & America s Cyber Assets: Threats, Strategies & Opportunities September 10, 2009, Crystal Gateway Marriott, Arlington,
More informationOFFICIAL ONR GUIDE PREPARATION FOR AND RESPONSE TO CYBER SECURITY INCIDENTS. CNS-TAST-GD-7.5 Revision 0. New document issued
Title of document ONR GUIDE PREPARATION FOR AND RESPONSE TO CYBER SECURITY INCIDENTS Document Type: Unique Document ID and Revision No: Nuclear Security Technical Assessment Guide CNS-TAST-GD-7.5 Revision
More informationOverview of Global Nuclear Safety and Security Network (GNSSN)
Overview of Global Nuclear Safety and Security Network (GNSSN) Overview of GNSSN Third Meeting of the Steering Committee (SC) on Competence of Human Resources for Regulatory Bodies in Member States with
More informationIAEA Action Plan on Nuclear Safety
Action Plan on Nuclear Safety Presented to IEEE Nuclear Power Engineering Committee San Antonio, TX 2011 January 25 Gary Johnson International Atomic Energy Agency g.johnson@iaea.org International Atomic
More informationGlobal Nuclear Safety and Security Regime
TC Liaison Officers/Assistant and New Staff Members of Permanent Missions in Vienna Vienna,, 27-29 29 May, 2009 Global Nuclear Safety and Security Regime K. Mrabit Head, Safety and Security Section Department
More informationGNSSN. Global Nuclear Safety and Security Network
GNSSN Global Nuclear Safety and Security Network MESSAGE FROM THE DIRECTOR GENERAL 1 Countries must be able to transfer education and training capacity together with the technology they provide. Yukiya
More informationChapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS
Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS The Saskatchewan Power Corporation (SaskPower) is the principal supplier of power in Saskatchewan with its mission to deliver power
More informationMaritime cyber risk management
Javier Yasnikouski Head Maritime Security Sub-Division for Maritime Security and Facilitation The International Maritime Organization IMO mission: Safe, secure and efficient shipping on clean oceans 2
More informationNuclear Safety and Security in Brief
Nuclear Safety and Security in Brief Denis Flory Deputy Director General Department of Nuclear Safety and Security International Atomic Energy Agency Safety History: Chernobyl Nuclear Safety lessons learned
More informationNW NATURAL CYBER SECURITY 2016.JUNE.16
NW NATURAL CYBER SECURITY 2016.JUNE.16 ADOPTED CYBER SECURITY FRAMEWORKS CYBER SECURITY TESTING SCADA TRANSPORT SECURITY AID AGREEMENTS CONCLUSION QUESTIONS ADOPTED CYBER SECURITY FRAMEWORKS THE FOLLOWING
More informationNuclear Security Incident Analysis
Nuclear Security Incident Analysis Towards an Integrated and Comprehensive Approach Presented by Robert Wesley Office of Nuclear Security, Authors: Richard Hoskins, Viacheslav Turkin, Robert Wesley International
More informationIMPLEMENTATION OF REGDOC SECURITY OF NUCLEAR SUBSTANCES: SEALED SOURCES for category 3-5 licensees
IMPLEMENTATION OF REGDOC-2.12.3 SECURITY OF NUCLEAR SUBSTANCES: SEALED SOURCES for category 3-5 licensees Craig Thompson Security Advisor Nuclear Security Division Canadian Nuclear Safety Commission Canadian
More informationCNSC Presentation to the Federal Agency for Nuclear Control
CNSC Presentation to the Federal Agency for Nuclear Control Canadian Experience in the Development and Implementation of Regulatory Requirements for the Security of Radioactive Sources Raphael Duguay,
More informationUNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21
National and Cyber Security Branch Presentation for Gridseccon Quebec City, October 18-21 1 Public Safety Canada Departmental Structure 2 National and Cyber Security Branch National and Cyber Security
More informationNuclear security in France : role of cooperation to enhance security culture
EU High-level Event on "International cooperation to enhance a worldwide nuclear security culture" Nuclear security in France : role of cooperation to enhance security culture Dr. Frédéric Mariotte Deputy
More informationIEC INCIDENT AND EMERGENCY CENTRE
Department of Nuclear Safety and Security IEC INCIDENT AND EMERGENCY CENTRE IEC - Mission Statement Global Focal Point for International Preparedness, Communication and Response for Nuclear and Radiological
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationuanacia 1+1 MARINE SECURITY OPERATIONS BULLETIN No:
1+1 MARINE SECURITY OPERATIONS BULLETIN No: 2014-001 CLARIFICATION OF TRANSPORT CANADA (TC) MARINE SECURITY MANDATORY THREAT, BREACH AND INCIDENT REPORTING REOUIREMENTS THIS MARINE SECURITY OPERATIONS
More informationINFCIRC/225/Rev 5 Implementation at a Facility Level: Common Issues and Best Practices. Oleg Bukharin U.S. Nuclear Regulatory Commission
INFCIRC/225/Rev 5 Implementation at a Facility Level: Common Issues and Best Practices Oleg Bukharin U.S. Nuclear Regulatory Commission Why INFCIRC/225 facility-level evaluations? INFCIRC/225 is a recommendations
More informationOFFICIAL ONR GUIDE PHYSICAL PROTECTION OF INFORMATION. CNS-TAST-GD-7.4 Revision 0. New document issued TABLE OF CONTENTS
Title of document ONR GUIDE PHYSICAL PROTECTION OF INFORMATION Document Type: Unique Document ID and Revision No: Nuclear Security Technical Assessment Guide CNS-TAST-GD-7.4 Revision 0 Date Issued: April
More informationProtecting Canada s Nuclear Industry THE
Protecting Canada s Nuclear Industry THE EVOLUTION OF NUCLEAR SECURITY AND ARMED RESPONSE FORCES AT DESIGNATED NUCLEAR FACILITIES Mr. Terry Jamieson Vice-President Technical Support Branch Canadian Nuclear
More informationTOWARDS A SUSTAINABLE AND RESPONSIBLE USE OF NUCLEAR ENERGY
TOWARDS A SUSTAINABLE AND RESPONSIBLE USE OF NUCLEAR ENERGY Seoul National University Seoul, 23 rd July 2011 Denis Flory Deputy Director General Department of Nuclear Safety and Security International
More informationImproving the Security of Radioactive Sources in Industrial Radiography in South East Asia
Improving the Security of Radioactive Sources in Industrial Radiography in South East Asia Presented by Andrew Popp Regional Security of Radioactive Sources Project Andrew Popp, Allan Murray 13 th International
More informationAwareness as a Cyber Security Vulnerability. Jack Whitsitt Team Lead, Cyber Security Awareness and Outreach TSA Office of Information Technology
Awareness as a Cyber Security Vulnerability Jack Whitsitt Team Lead, Cyber Security Awareness and Outreach TSA Office of Information Technology Background TSA Cyber Security Awareness and Outreach (CSAO)
More informationCybersmart Buildings: Securing Your Investments in Connectivity and Automation
Cybersmart Buildings: Securing Your Investments in Connectivity and Automation Jason Rosselot, CISSP, Director Product Cyber Security, Johnson Controls AIA Quality Assurance The Building Commissioning
More informationCybersecurity: Incident Response Short
Cybersecurity: Incident Response Short August 2017 Center for Development of Security Excellence Contents Lesson 1: Incident Response 1-1 Introduction 1-1 Incident Definition 1-1 Incident Response Capability
More informationCNSS Advisory Memorandum Information Assurance December 2010 Advisory Memorandum
December 2010 Advisory Memorandum Reducing the Risk of Removable Media in National Security Systems NATIONAL MANAGER FOREWORD 1. Using removable media presents serious risks to the security of National
More informationNATIONAL STRATEGY:- MALAYSIAN EXPERIENCE
NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE Devi Annamalai Security, Trust and Governance MCMC 28th August 2007 Hanoi. Vietnam BACKGROUND MCMC is a statutory body established under the Malaysian Communications
More informationCOMPASS FOR THE COMPLIANCE WORLD. Asia Pacific ICS Security Summit 3 December 2013
COMPASS FOR THE COMPLIANCE WORLD Asia Pacific ICS Security Summit 3 December 2013 THE JOURNEY Why are you going - Mission Where are you going - Goals How will you get there Reg. Stnd. Process How will
More informationPrinciples of Information Security, Fourth Edition. Chapter 1 Introduction to Information Security
Principles of Information Security, Fourth Edition Chapter 1 Introduction to Information Security Introduction Information security: a well-informed sense of assurance that the information risks and controls
More informationChemical Facility Anti-Terrorism Standards. T. Ted Cromwell Sr. Director, Security and
Chemical Facility Anti-Terrorism Standards T. Ted Cromwell Sr. Director, Security and NJ ELG Operations Meeting Today s Presentation ACC Action Major Rule Components Select Risk-Based Performance Standards
More informationPerformance- Based Approach to the Security of Radioactive Sealed Sources: A Canadian Perspective
Performance- Based Approach to the Security of Radioactive Sealed Sources: A Canadian Perspective Abstract Raphaël Duguay, M.Sc., PSP Nuclear Security Division Canadian Nuclear Safety Commission, Canada
More informationE-guide Getting your CISSP Certification
Getting your CISSP Certification Intro to the 10 CISSP domains of the Common Body of Knowledge : The Security Professional (CISSP) is an information security certification that was developed by the International
More informationStandard Development Timeline
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard is adopted by the NERC Board of Trustees (Board).
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationInformation Technology Branch Organization of Cyber Security Technical Standard
Information Technology Branch Organization of Cyber Security Technical Standard Information Management, Administrative Directive A1461 Cyber Security Technical Standard # 1 November 20, 2014 Approved:
More informationThe University of Queensland
UQ Cyber Security Strategy 2017-2020 NAME: UQ Cyber Security Strategy DATE: 21/07/2017 RELEASE:0.2 Final AUTHOR: OWNER: CLIENT: Marc Blum Chief Information Officer Strategic Information Technology Council
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 3 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationE-guide CISSP Prep: 4 Steps to Achieve Your Certification
CISSP Prep: 4 Steps to Achieve Your Certification Practice for the exam and keep your skills sharp : Thank you for downloading our CISSP certification guide. Aside from this handy PDF, you can also access
More informationISA99 - Industrial Automation and Controls Systems Security
ISA99 - Industrial Automation and Controls Systems Security Committee Summary and Activity Update Standards Certification Education & Training Publishing Conferences & Exhibits September 2016 Copyright
More informationDevelopment of a new IEC Standard on Cybersecurity Controls for I&C in Nuclear Power Plants IEC 63096
Development of a new IEC Standard on Cybersecurity Controls for I&C in Nuclear Power Plants IEC 63096 Juergen Bochtler Siemens AG PG ES IC T2000SOL PN QC Freyeslebenstr. 1 D-91058 Erlangen, Germany juergen.bochtler@siemens.com
More informationCYBER INCIDENT REPORTING GUIDANCE. Industry Reporting Arrangements for Incident Response
CYBER INCIDENT REPORTING GUIDANCE Industry Reporting Arrangements for Incident Response DfT Cyber Security Team CYBER@DFT.GSI.GOV.UK Introduction The Department for Transport (DfT) has produced this cyber
More informationCOMPUTER SECURITY DESIGN METHODOLOGY FOR NUCLEAR FACILITY & PHYSICAL PROTECTION SYSTEMS
NUCLEAR REGULATORY AUTHORITY, GHANA COMPUTER SECURITY DESIGN METHODOLOGY FOR NUCLEAR FACILITY & PHYSICAL PROTECTION SYSTEMS Nelson K. Agbemava ICT and Computer Security Section Head Instrumentation & ICT
More informationDepartment of Defense Cybersecurity Requirements: What Businesses Need to Know?
Department of Defense Cybersecurity Requirements: What Businesses Need to Know? Why is Cybersecurity important to the Department of Defense? Today, more than ever, the Department of Defense (DoD) relies
More informationCYBERSMART BUILDINGS. Securing Your Investments in Connectivity and Automation
CYBERSMART BUILDINGS Securing Your Investments in Connectivity and Automation JANUARY 2018 WELCOME STEVE BRUKBACHER Application Security Manager Global Product Security Johnson Controls 1 WHY ARE WE HERE
More informationNational Progress Report: Belgium
National Progress Report: Belgium Since the 2014 Nuclear Security Summit, Belgium has strengthened nuclear security implementation and built up the global nuclear security architecture by[1] STRENGTHENING
More informationCivil Nuclear Power - The Cyber Security Perspective
Civil Nuclear Power - The Cyber Security Perspective Guido Gluschke g.gluschke@uniss.org Institute for Security and Safety (ISS) at the Brandenburg University of Applied Sciences, Germany Deutsche Physikalische
More informationStandard Development Timeline
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard is adopted by the NERC Board of Trustees (Board).
More informationIntroducing Cyber Resiliency Concerns Into Engineering Education
Introducing Cyber Resiliency Concerns Into Engineering Education Mr. Tom McDermott Georgia Tech Research Institute Mr. Barry Horowitz University of Virginia NDIA 20 th Annual Systems Engineering Conference
More informationMEASURES TO ENHANCE MARITIME SECURITY. Cyber risk management in Safety Management Systems. Submitted by United States, ICS and BIMCO SUMMARY
E MARITIME SAFETY COMMITTEE 101st session Agenda item 4 26 March 2019 Original: ENGLISH Pre-session public release: MEASURES TO ENHANCE MARITIME SECURITY Cyber risk management in Safety Management Systems
More informationFunction Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments
Function Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments 1 ID.AM-1: Physical devices and systems within the organization are inventoried Asset Management (ID.AM): The
More informationCyber Security Program
Cyber Security Program Cyber Security Program Goals and Objectives Goals Provide comprehensive Security Education and Awareness to the University community Build trust with the University community by
More information2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager
2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager NIST Cybersecurity Framework (CSF) Executive Order 13636 Improving Critical Infrastructure Cybersecurity tasked the National
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationNuclear Security Governance Experts Group Workshop on Improving Nuclear Security Regime Cohesion Asan Institute Seoul, July
Nuclear Security Governance Experts Group Workshop on Improving Nuclear Security Regime Cohesion Asan Institute Seoul, July 18-19 2012 Learning from Nuclear Safety Sharon Squassoni, Center for Strategic
More informationSTRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government
ATIONAL STRATEGY National Strategy for Critical Infrastructure Government Her Majesty the Queen in Right of Canada, 2009 Cat. No.: PS4-65/2009E-PDF ISBN: 978-1-100-11248-0 Printed in Canada Table of contents
More informationCapacity building in the IAEA Action Plan on Nuclear Safety
International Conference on Human Resource Development for Nuclear Power Programmes: Building and Sustaining Capacity 12 16 May 2014 Capacity building in the IAEA Action Plan on Nuclear Safety Gustavo
More informationEXCERPT. NIST Special Publication R1. Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
EXCERPT NIST Special Publication 800-171 R1 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations An Excerpt Listing All: Security Requirement Families & Controls Security
More informationThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework U.S. German Standards Panel 2018 April 10, 2018 Adam.Sedgewick@nist.gov National Institute of Standards and Technology About NIST Agency of U.S. Department of Commerce
More informationCritical Cyber Asset Identification Security Management Controls
Implementation Plan Purpose On January 18, 2008, FERC (or Commission ) issued Order. 706 that approved Version 1 of the Critical Infrastructure Protection Reliability Standards, CIP-002-1 through CIP-009-1.
More informationQualification Specification. Level 2 Award in Cyber Security Awareness For Business
Qualification Specification Level 2 Award in Cyber Security Awareness For Business ProQual 2015 Contents Page Introduction 3 Qualification profile 3 Centre requirements 4 Support for candidates 4 Assessment
More informationDISTRICT OF COLUMBIA WATER AND SEWER AUTHORITY ATTACHMENT A A-1: BACKGROUND AND CONTRACTOR QUALIFICATIONS A-2: SCOPE OF WORK
DISTRICT OF COLUMBIA WATER AND SEWER AUTHORITY ATTACHMENT A A-1: BACKGROUND AND CONTRACTOR QUALIFICATIONS A-2: SCOPE OF WORK GOODS AND SERVICES CONTRACTS Page 1 of 5 RFP 16-PR-DEM-33 Comprehensive All-Hazards
More informationDIRECTIVE ON INFORMATION TECHNOLOGY SECURITY FOR BANK PERSONNEL. June 14, 2018
DIRECTIVE ON INFORMATION TECHNOLOGY SECURITY FOR BANK PERSONNEL June 14, 2018 A. Overriding Objective 1.1 This Directive establishes the rules and instructions for Bank Personnel with respect to Information
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationDEFINITIONS AND REFERENCES
DEFINITIONS AND REFERENCES Definitions: Insider. Cleared contractor personnel with authorized access to any Government or contractor resource, including personnel, facilities, information, equipment, networks,
More informationORA HIPAA Security. All Affiliate Research Policy Subject: HIPAA Security File Under: For Researchers
All Affiliate Research Policy Subject: HIPAA File Under: For Researchers ORA HIPAA Issuing Department: Office of Research Administration Original Policy Date Page 1 of 5 Approved by: May 9,2005 Revision
More informationPort Facility Cyber Security
International Port Security Program Port Facility Cyber Security Cyber Security Assessment MAR'01 1 Lesson Topics ISPS Code Requirement The Assessment Process ISPS Code Requirements What is the purpose
More informationOPTIMIZATION OF ACTIVITIES TO IMPROVE THE NUCLEAR MATERIAL AND FACILITIES SECURITY
OPTIMIZATION OF ACTIVITIES TO IMPROVE THE NUCLEAR MATERIAL AND FACILITIES SECURITY Vadim Prostakov Vienna 02.04.2009 OPTIMIZATION OF ACTIVITIES TO IMPROVE THE NUCLEAR MATERIAL AND FACILITIES SECURITY 1.
More informationOverview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 PPD-21: CI Security and Resilience On February 12, 2013, President Obama signed Presidential Policy Directive
More informationДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT
ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ENERGY AUTOMATION - SMART GRID Restricted Siemens AG 20XX All rights reserved. siemens.com/answers Frederic Buchi, Energy Management Division, Siemens AG Cyber
More informationCESG:10 Steps to Cyber Security WORKING WITH GOVERNMENT, INDUSTRY AND ACADEMIA TO MANAGE INFORMATION RISK
CESG:10 Steps to Cyber Security WORKING WITH GOVERNMENT, INDUSTRY AND ACADEMIA TO MANAGE INFORMATION RISK Building resilience: 10 Steps to Cyber Security 1. Information Risk Management Regime 2. Secure
More informationJoint Statement on National Nuclear Detection Architectures
Information Circular INFCIRC/905 Date: 20 December 2016 General Distribution Original: English Communication dated 14 December 2016 received from the Permanent Mission of Finland concerning a Joint Statement
More informationMedical Device Vulnerability Management
Medical Device Vulnerability Management MDISS / NH-ISAC Process Draft Dale Nordenberg, MD June 2015 Market-based public health: collaborative acceleration Objectives Define a trusted and repeatable process
More informationTHE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS
THE WHITE HOUSE Office of the Press Secretary EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS February 12, 2013 PRESIDENTIAL POLICY DIRECTIVE/PPD-21 SUBJECT: Critical
More informationMultilateral Arrangements in Safety, Licensing & Regulations Capacity Building for Nuclear Safety and Security
Multilateral Arrangements in Safety, Licensing & Regulations Capacity Building for Nuclear Safety and Security Russell Gibbs Senior Safety Officer, Safety and Security Coordination Section Department of
More informationInfrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA
Security and resilience for ehealth Infrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA European Union Agency For Network And Information Security Securing Europe
More informationConsideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 June 2, 2014
Federal Energy Regulatory Commission Order No. 791 June 2, 2014 67 and 76 67. For the reasons discussed below, the Commission concludes that the identify, assess, and correct language, as currently proposed
More informationConducting Computer Security Assessments at Nuclear Facilities
Conducting Computer Security Assessments at Nuclear Facilities IAEA NUCLEAR SECURITY SERIES AND RELATED PUBLICATIONS IAEA guidance on nuclear security issues relating to the prevention and detection of,
More informationPort Facility Cyber Security
International Port Security Program Port Facility Cyber Security Cyber Security and Port Facility MAR'01 1 Security Plans (PFSP) Lesson Topics Purpose of the PFSP Developing the PFSP Role of Facility Personnel
More informationCyber Security Requirements for Supply Chain. June 17, 2015
Cyber Security Requirements for Supply Chain June 17, 2015 Topics Cyber Threat Legislation and Regulation Nuts and Bolts of NEI 08-09 Nuclear Procurement EPRI Methodology for Procurement Something to think
More information