Excellent learning and peer-to-peer networking opportunities with a cross-section of the nuclear industry.
The world’s first certified professional development programme for individuals in nuclear security management.
An extensive archive of information on nuclear security, both from WINS and from external sources.
Helping licensees assess the maturity of their security programme and measure their security culture effectiveness.
A cyberthreat is a dynamic adversary that readily adapts to changes in technology and responds to (i.e. counteracts) the application of specific cybersecurity controls. Consequently, the implementation of a cybersecurity programme must be an active, ongoing process that continually self-evaluates to ensure the organisation meets both nuclear security and business goals, while accounting for ongoing digital transformations. Organisations conduct assurance activities such as internal and external assessments to gain confidence that the cybersecurity programme sufficiently reduces the risk of an event with adverse consequences to nuclear security and likewise to business goals.
The purpose of this BPG is to provide a review of the state of practice in conducting cybersecurity assurance activities as well as types of assessments and assessment methodologies at nuclear facilities to offer guidance from leading industry experts on best practices in this field.
This is a companion document to WINS BPG 4.3 Cybersecurity in the Nuclear Industry.