Webinar 1: Core Elements of a Computer Security Programme
This NucSecCyber Webinar will be held on July 21, 2021 (Wed) at 14:00 Vienna time (UTC+01:00)
Nuclear Security requires essential element of a computer security program to establish a computer security regime within a State. The new Nuclear Security Series 42-G, Computer Security for Nuclear Security, outlines these elements through the identification of critical organizational units and key computer security competencies. This will involve State level computer security regulations and requirements with enforcement through Competent Authorities, and implementation by owners, operators, and 3rd party entities in order to ensure a computer security regime.
This webinar will introduce each organization unit with the responsibilities to establish a computer security program, and then industry experts will share their experiences in applying the IAEA computer security guidance.
Webinar 2: Application of IAEA Guidance and Technical Approaches Across Nuclear Security
This NucSecCyber Webinar will be held on August 18, 2021 (Wed) at 14:00 Vienna time (UTC+01:00)
Member state require the implementation of computer security controls to preventing and protecting against unauthorized removal of nuclear material, sabotage of nuclear facilities and unauthorized access to sensitive nuclear information. The new Nuclear Security Series 17-T Rev. 1, Computer Security Techniques for Nuclear Facilities defines the techniques in developing and applying computer security defenses through a graded approach to protect against cyber threats.
This webinar will present the technical approaches to establish a defensive computer security architecture and associated controls including industry experts experience in applying the IAEA techniques.
Webinar 3: Supply Chain Management for Nuclear Security
This NucSecCyber Webinar was held on September 22, 2021 (Wed) at 14:00 Vienna time (UTC+01:00)
Nuclear facilities and operations rely upon complex networks of suppliers, vendors and integrators with multiple tiers of globally dispersed suppliers throughout the supply chain life cycle. This network includes designers, developers, contractors, manufacturers, integrators, solution providers and logistics providers (including shippers, carriers and customs agents). The complexity of these networks provides numerous possibilities for an adversary to compromise a service or device, or to acquire system information prior to use within a facility or organization within the nuclear security regime.
This webinar will present the critical issues and mitigation techniques for supply chain, which introduces the countless attack vectors through the many entry points (touchpoints) through the design, hardware and software development, testing, transportation, installation, operation, maintenance and decommissioning.
Webinar 4: Computer Security Continuous Improvement (Assessments & Exercises)
This NucSecCyber Webinar will be held on October 20, 2021 (Wed) at 14:00 Vienna time (UTC+01:00)
Effective computer security for nuclear security requires testing and evaluation of computer security processes and protections as a continuous improvement process through self or formal assessments and exercises to verify and validate their effectiveness.
This webinar will present an assessment and exercise methodology that are based on IAEA TDL-006, Conducting Computer Security Assessments at Nuclear Facilities, and a future non-serial publication on Computer Security Exercises for Nuclear Security.
Webinar 5: Incident Response for Computer Security
This NucSecCyber Webinar was held on November 24, 2021 (Wed) at 14:00 Vienna time (UTC+01:00)
The development of a national framework for managing the response to a nuclear security event is an important part of a national nuclear security regime and a critical element in a computer security program. Member States need to develop comprehensive response plans for computer security incidents with the potential to adversely impact nuclear security and/or nuclear safety.
This webinar will raise awareness on computer security incident response capabilities for recover and analysis. This will be based on the IAEA TDL documents Computer Security Incident Response Planning at Nuclear Facilities (TDL 005).