A 7-step checklist for nuclear cybersecurity readiness
In March 2009, the U.S. Nuclear Regulatory Commission (NRC) issued CFR 73.54, requiring the nation’s 61 commercially operating nuclear power plants to establish cybersecurity assessment teams and submit customized plans for protecting their critical digital assets, known as CDAs.
Plants were provided with a series of milestones and site-specific deadlines to guide their adherence to the new rule. In 2017, all 61 plants will face deadlines for Milestone 8: Full cybersecurity plan implementation accompanied by continuous evaluation and management.
“With decades of experience in the cyber arena, we not only know the policies, architectures, and intelligence that best define cyber enterprises and operations, but we helped pioneer them.”
As Milestone 8 mandates hit, inspections begin. Starting in mid-2017 and extending into 2020, the NRC will inspect each of the nation’s nuclear plants for Milestone 8 compliance, focusing on seven areas in particular:
Detection, response, and elimination
Defense-in-depth
Supply chain
Data integrity
Asset monitoring, assessment, configuration, and change management
Attack migration, incident response, and contingency planning
Personnel training, education, communications, and certifications
Completing Milestone 8 is a significant achievement. Utilities across the country have invested substantial time and resources toward developing, implementing, and sustaining advanced cybersecurity programs that meet the NRC’s necessarily exacting standards.
To help plants ensure they’ve exceeded those standards and fully protected themselves against today’s diverse cyber threats, Booz Allen’s energy experts have developed the Nuclear Cybersecurity Implementation Checklist. Spanning each of the NRC’s seven focus areas, the checklist provides a baseline for each site to determine its inspection readiness.
For over 100 years, Booz Allen has helped commercial and government organizations overcome unprecedented challenges and transform themselves. With decades of experience in the cyber arena, we not only know the policies, architectures, and intelligence that best define cyber enterprises and operations, but we helped pioneer them.
Provide your contact information below to download the Nuclear Cybersecurity Implementation Checklist and learn more about how our people—engineers, analysts, developers, and strategists—can help your enterprise stay prepared for an ever-changing threat landscape.