skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: IMPLEMENTING CYBERSECURITY INTO AN EXISTING NATIONAL NUCLEAR NON-PROLIFERATION PROGRAMME – A CASE STUDY

Abstract

Cyber threat profiling and risk mitigation is critical to any nuclear state organization and should be considered as part of any comprehensive nuclear security programme. Defining and evaluating the impact of the cyber threat to mission can be challenging. An existing national nuclear non-proliferation organization undertook an effort to incorporate computer security activities into its programme to address cyber risk. One of the primary goals of this endeavour was to develop a set of prioritised recommendations for organizational follow-through. The organization dedicated subject matter expert resources in the form of a cyber task force to support this goal. Opportunities were identified where computer security could be built into each programme including office-level strategies and tools. Of course, no new identified threat vector is easily considered and incorporated into existing programmes without impact. There are many obstacles to be overcome. Technically literate subject matter experts are difficult to find, management has comparatively less experience applying computer security into its programmes, and trying to change the culture to consider computer security risk at policy and programmatic levels takes time and management attention. As an outcome of this process, a roadmap for program integration was developed, including the establishment of a cyber supportmore » team. This paper will discuss the challenges and successes associated with establishing such a team.« less

Authors:
 [1];  [2];  [3];  [3]
  1. INL
  2. Idaho National Laboratory
  3. BATTELLE (PACIFIC NW LAB)
Publication Date:
Research Org.:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1604890
Report Number(s):
PNNL-SA-149416
DOE Contract Number:  
AC05-76RL01830
Resource Type:
Conference
Resource Relation:
Conference: International Conference on Nuclear Security (ICONS 2020), February 10-14, 2020, Vienna, Austria
Country of Publication:
Austria
Language:
English
Subject:
Cyber Security, Nuclear, Non-proliferation

Citation Formats

Anderson, Robert A., Hoffman, R, Godwin, Loren S., and VanDyke, Shayne. IMPLEMENTING CYBERSECURITY INTO AN EXISTING NATIONAL NUCLEAR NON-PROLIFERATION PROGRAMME – A CASE STUDY. Austria: N. p., 2020. Web.
Anderson, Robert A., Hoffman, R, Godwin, Loren S., & VanDyke, Shayne. IMPLEMENTING CYBERSECURITY INTO AN EXISTING NATIONAL NUCLEAR NON-PROLIFERATION PROGRAMME – A CASE STUDY. Austria.
Anderson, Robert A., Hoffman, R, Godwin, Loren S., and VanDyke, Shayne. Mon . "IMPLEMENTING CYBERSECURITY INTO AN EXISTING NATIONAL NUCLEAR NON-PROLIFERATION PROGRAMME – A CASE STUDY". Austria.
@article{osti_1604890,
title = {IMPLEMENTING CYBERSECURITY INTO AN EXISTING NATIONAL NUCLEAR NON-PROLIFERATION PROGRAMME – A CASE STUDY},
author = {Anderson, Robert A. and Hoffman, R and Godwin, Loren S. and VanDyke, Shayne},
abstractNote = {Cyber threat profiling and risk mitigation is critical to any nuclear state organization and should be considered as part of any comprehensive nuclear security programme. Defining and evaluating the impact of the cyber threat to mission can be challenging. An existing national nuclear non-proliferation organization undertook an effort to incorporate computer security activities into its programme to address cyber risk. One of the primary goals of this endeavour was to develop a set of prioritised recommendations for organizational follow-through. The organization dedicated subject matter expert resources in the form of a cyber task force to support this goal. Opportunities were identified where computer security could be built into each programme including office-level strategies and tools. Of course, no new identified threat vector is easily considered and incorporated into existing programmes without impact. There are many obstacles to be overcome. Technically literate subject matter experts are difficult to find, management has comparatively less experience applying computer security into its programmes, and trying to change the culture to consider computer security risk at policy and programmatic levels takes time and management attention. As an outcome of this process, a roadmap for program integration was developed, including the establishment of a cyber support team. This paper will discuss the challenges and successes associated with establishing such a team.},
doi = {},
journal = {},
number = ,
volume = ,
place = {Austria},
year = {2020},
month = {3}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share: