Khammar Mrabit Director Office of Nuclear Security

Presentation transcript:

IAEA Office of Nuclear Security’s Initiatives in Cyber and Information Security
Khammar Mrabit, Director, Office of Nuclear Security

IAEA Role: Ministerial Declaration
"We, Ministers of the Member States of the International Atomic Energy Agency (IAEA),...: Recognize the IAEA’s efforts to raise awareness of the growing threat of cyber-attacks and their potential impact on nuclear security, and encourage the IAEA to make further efforts to foster international cooperation and to assist States, upon request, in this area through the establishment of appropriate guidance and by providing for its application."

Computer and Information Security
The Computer and Information Security programme is focused on preventing computer acts that could directly or indirectly lead to:
- unauthorized removal of nuclear/other radioactive material
- sabotage against nuclear material or nuclear facilities
- theft of nuclear sensitive information

New Targets
- Mobile Computing Devices
- Control and Instrumentation System

International Instruments
FUNDAMENTAL PRINCIPLE G: Threat
The State’s PP should be based on the State’s current evaluation of the threat.
FUNDAMENTAL PRINCIPLE I: Defence in Depth
The State’s requirements for PP should reflect a concept of several layers and methods of protection (structural or other technical, personnel and organizational) that have to be overcome or circumvented by an adversary in order to achieve his objectives.
FUNDAMENTAL PRINCIPLE L: Confidentiality
The State should establish requirements for protecting the confidentiality of information, the unauthorized disclosure of which could compromise the physical protection of nuclear material and nuclear facilities.

International Instruments
Protection of computer systems associated with Other Radioactive Materials. Such systems may include:
- Inventory systems/records
- Physical access control
- Security monitoring
- Operational
- Calibration
- Border monitoring

Nuclear Security Fundamentals (NSS 20)
- Provide for the establishment of regulations and requirements for protecting the confidentiality of sensitive information and for protecting sensitive information assets;
- Ensuring through appropriate arrangements that sensitive information or other information exchanged in confidence is adequately and appropriately protected.
- Routinely performing assurance activities to identify and address issues and factors that may affect the capacity to provide adequate nuclear security, including cyber security, at all times.

Current Technical Guidance
NSS17 Computer Security at Nuclear Facilities
The objective of the document is to provide guidelines to personnel designing, implementing, and managing Instrumentation and Control (I&C) and Information systems and networks at nuclear facilities.
The guidance addresses prevention and detection of potential attacks through reference to best practices in architecture, assurance and management of security information and I&C systems.

Guidance published and in Draft
Fundamentals:
- NSS No. 20 Objective and Essential Elements of a State’s Nuclear Security Regime
  objectives, concepts, principles
Recommendations:
- NSS No. 13 Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5)
- NSS No. 14 Nuclear Security Recommendations on Radioactive Material and Associated Facilities
Implementing Guides:
- NSS XXX Information Security: Protection and Confidentiality of Sensitive Information in Nuclear Security
Technical Guidance:
- NSS 17 Computer Security for Nuclear Facilities
Other areas:
- Conducting Computer Security Assessments
- Computer Security of Nuclear I&C Systems
- Computer Incident Response

Proposed Additional Guidance
- Nuclear Security Recommendations or Implementing Guide for Computer Security ?
- Computer Security Systems and Measures for Nuclear Facilities (implementing guide) ?
- Computer Security Practices for Nuclear Facilities (Technical Guide) ?
These documents are designed to build a top-to-bottom framework to support Member States, Competent Authorities, and nuclear organizations in developing and conducting assurance activities for computer security. The development of these documents will be discussed at the next Nuclear Security Guidance Committee Meeting in October.

International Physical Protection Advisory Service (IPPAS)
New Information and Computer Security Review conducted during IPPAS Missions to:
- 2012 - Netherlands, Finland, Romania
- 2013 - Laboratories in Seibersdorf, Hungary
Convergence of Physical Protection and Cyber Security

Training Activities
Training Events: The request for awareness and advanced training by Member States continues to grow. This trend will only continue.
Primary Training Courses:
- Basic Information and Computer Security Awareness
- Conducting Cyber Security Assessments
- Advanced Course in Information and Computer Security
- Professional Development Course for Nuclear Security Professionals
[Chart: training events by year, 2007 to 2014, including projected training events]
- Requests are currently in place for 2014
- Estimate a sustained 6-9 courses per year

2015 Cyber Security Conferences
IAEA International Conference on Cyber Security: “Nuclear Security in a Computer World: Prevention, Detection and Resistance to Emerging Cyber Threats”
8-12 June 2015

Cyber Security User’s Group
IAEA’s information portal for cyber security
https://nusec.iaea.org/portal/UserGroups/CyberSecurity/CyberSecurityOverview/tabid/503/Default.aspx

Questions
Thank you