Nuclear CyberSecurity Considerations - Implementation Guide & Recommendations
Cybercrime poses a significant threat to nuclear security. This article explores Nuclear CyberSecurity challenges, implementation strategies, and recommendations to safeguard nuclear-sensitive information and assets against digital adversaries. Topics cover NSI classification model, backup protocols, management commitment, security architecture, and awareness programs.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
1 Nuclear CyberSecurity Considerations. BY LEENOLD T NDALAMA (CEH | SOPHOS | CISCO | MSC [STELLENBOSCH] )
2 Overview Abstract. What is Nuclear CyberSecuriy? Implementation guide. Recommendations & research. Questions. Conclusion.
3 ABSTRACT Cybercrime is widespread and rapidly increasing unabated in many institutions, government departments and in the private sector, as they are at odds in finding effective CyberSecurity strategies to combat the new vice. The threats of nuclear attacks backed-up by cyber-espionage have become a global issue to which the rate in is rising exponentially. My concern is to address the challenges on Nuclear CyberSecurity, backed up by any form of attack. The vulnerability in IoT (Internet of Things) devices, scarce CyberSecurity experts, lack of CyberSecurity awareness and significant growth in Internet penetration are issues creating new opportunities for different types of attacks.
4 What is Nuclear CyberSecurity? Nuclear CyberSecurity is simply defined as the application of CyberSecurity measures put in place to guard nuclear-sensitive information and assets against digital adversaries in a nuclear environment. CyberSecurity is a broad term that covers the whole spectrum of information and computer security, so considering the risk associated with compromising nuclear security, it is imperative that CyberSecurity in a Nuclear environment be properly understood and customised to meet the requirements and to enhance nuclear safety and security. The nuclear sensitive-information security classification model should be put in place and corresponding measures should be put in place to attain the set objectives.
5 Implementation Guide. NSI Classification model. The responsible regulatory body for nuclear material should develop the NSI classification model that will be adopted by all facilities. This model should adhere to international standards, IAEA standards and recommendations. Regular backups. Fault tolerance and failover should be a trait of the systems in order to enhance business continuity in case of a disaster. Backups should be done regularly and a DRP should be in place. Management commitment. The success of implementing Nuclear CyberSecurity depends with the commitment from management, so managerial buy in is very much important. This also stresses the importance of awareness programs. Nuclear Security Detection Architecture. This is the responsibility of the state and it is imperative to address the CyberSecurity issues at that level, so that commitment and direction cascades from the top to the bottom of the chain. Information Security & Computer Security policy. The policy should conform to the international standards & best practices and should be implemented. Local Area Network (LAN). The LAN should be well defined in a manner that all weak points can be identified, thus, reducing the attack surface. UTM & Endpoint security. Packet traversal within the LAN should be secure. Traffic from the WAN should pass through a firewall so as to enhance security. Awareness programs.A security system is as strong as its weakest link (untrained user), but can be great if properly educated, and building a cybersecurity culture.
6 Recommendations & Research. Zero-trust security model, implemented with micro-segmentation. This is an effective model to implement at facilities with very sensitive nuclear information (category 1&2) since the interception of such information would be drastic. The use of Machine Learning (ML) in Nuclear-CyberSecurity to predict breaches and respond to certain occurrences. A central threat intelligence platform that serves as a repository of information concerning failed and successful breaches will go a long way in equipping facilities with the relevant tools to combat new vices. The IAEA in collaboration with experts in nuclear safety & security and CyberSecurity experts can work together to develop customized tools that particularly address CyberSecurity issues that are unique to NSI and related facilities.
7 Questions & Conclusion. There is a trend of CyberThreats that has been observed over the years and it is important that we understand the prospective nature of threats that may ocurr like sophisticated AI tools and spear-phishing. Concerning these trends and prospective actions, organisations should take a proactive stance to protect themselves against current threats and those that are likely to come. This entails that it is important to invest in research and development and also to keep abreast with the technological advancements within the CyberSecurity fraternity.
8 THE END.. ANY QUESTIONS ????
