skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Improving Insider Threat Training Awareness and Mitigation Programs at Nuclear Facilities.

Abstract

In recent years, insider threat programs have become an important aspect of nuclear security, and nuclear security training courses. However, many nuclear security insider threat programs fail to address the insider threat attack and monitoring potential that exists on information technology (IT) systems. This failure is critical because of the importance of information technology and networks in today’s world. IT systems offer an opportunity to perpetrate dangerous insider attacks, but they also present an opportunity to monitor for them and prevent them. This paper suggests a number of best practices for monitoring and preventing insider attacks on IT systems, and proposes the development of a new IT insider threat tabletop that can be used to help train nuclear security practitioners on how best to implement IT insider threat prevention best practices. The development of IT insider threat best practices and a practical tabletop exercise will allow nuclear security practitioners to improve nuclear security trainings as it integrates a critical part of insider threat prevention into the broader nuclear security system.

Authors:
 [1]
  1. Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Publication Date:
Research Org.:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Sponsoring Org.:
USDOE National Nuclear Security Administration (NNSA)
OSTI Identifier:
1367469
Report Number(s):
SAND2017-5954R
653908
DOE Contract Number:
AC04-94AL85000
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
98 NUCLEAR DISARMAMENT, SAFEGUARDS, AND PHYSICAL PROTECTION

Citation Formats

Abbott, Shannon. Improving Insider Threat Training Awareness and Mitigation Programs at Nuclear Facilities.. United States: N. p., 2017. Web. doi:10.2172/1367469.
Abbott, Shannon. Improving Insider Threat Training Awareness and Mitigation Programs at Nuclear Facilities.. United States. doi:10.2172/1367469.
Abbott, Shannon. Thu . "Improving Insider Threat Training Awareness and Mitigation Programs at Nuclear Facilities.". United States. doi:10.2172/1367469. https://www.osti.gov/servlets/purl/1367469.
@article{osti_1367469,
title = {Improving Insider Threat Training Awareness and Mitigation Programs at Nuclear Facilities.},
author = {Abbott, Shannon},
abstractNote = {In recent years, insider threat programs have become an important aspect of nuclear security, and nuclear security training courses. However, many nuclear security insider threat programs fail to address the insider threat attack and monitoring potential that exists on information technology (IT) systems. This failure is critical because of the importance of information technology and networks in today’s world. IT systems offer an opportunity to perpetrate dangerous insider attacks, but they also present an opportunity to monitor for them and prevent them. This paper suggests a number of best practices for monitoring and preventing insider attacks on IT systems, and proposes the development of a new IT insider threat tabletop that can be used to help train nuclear security practitioners on how best to implement IT insider threat prevention best practices. The development of IT insider threat best practices and a practical tabletop exercise will allow nuclear security practitioners to improve nuclear security trainings as it integrates a critical part of insider threat prevention into the broader nuclear security system.},
doi = {10.2172/1367469},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Thu Jun 01 00:00:00 EDT 2017},
month = {Thu Jun 01 00:00:00 EDT 2017}
}

Technical Report:

Save / Share:
  • Seven case studies are presented. The cases include thefts of various materials and sabotage. For each case there is an overview of the incident, a timeline, a profile of the perpetrator, and a discussion of the security system failures which allowed the incident to take place.
  • Guidance is presented for the development of work rules that will assist in protecting nuclear fuel facilities against the threat of employee collusion. Evaluation criteria for safeguards performance against this threat are discussed. Five types of work rules are presented: area zoning, function zoning, team zoning, time zoning and operation zoning. The strengths and weaknesses of each are discussed and examples are given. Methods for optimization of work rules are described.
  • After completing this session, you should be able to: Describe the Insider Threat; Characterize the cyber insider threat; Describe preventive measures against the insider threat; Describe protective measures against the insider threat.
  • Insiders represent a formidable threat to nuclear facilities. This set of workshop materials covers methodologies to analyze and approaches to mitigate the threat of an insider attempting abrupt and protracted theft of nuclear materials. This particular set of materials is an update of a January 2008 version to add increased emphasis on Material Control and Accounting and its role with respect to protracted insider nuclear material theft scenarios. This report is a compilation of workshop materials consisting of lectures on technical and administrative measures used in Physical Protection (PP) and Material Control and Accounting (MC&A) and methods for analyzing theirmore » effectiveness against a postulated insider threat. The postulated threat includes both abrupt and protracted theft scenarios. Presentation is envisioned to be through classroom instruction and discussion. Several practical and group exercises are included for demonstration and application of the analysis approach contained in the lecture/discussion sessions as applied to a hypothetical nuclear facility.« less
  • Insiders represent a formidable threat to nuclear facilities. This set of workshop materials covers methodologies to analyze and approaches to mitigate the threat of an insider attempting abrupt and protracted theft of nuclear materials. This particular set of materials is a n update of a January 2008 version to add increased emphasis on Material Control and Accounting and its role with respect to protracted insider nuclear material theft scenarios.