Excellent learning and peer-to-peer networking opportunities with a cross-section of the nuclear industry.
The world’s first certified professional development programme for individuals in nuclear security management.
An extensive archive of information on nuclear security, both from WINS and from external sources.
Helping licensees assess the maturity of their security programme and measure their security culture effectiveness.
Nuclear materials and facilities cannot be considered secure without the effective integration of interfaces between different aspects of security. Whereas physical security is concerned with provisions designed to prevent unauthorised access to facilities, and to protect personnel and property from damage or harm, cybersecurity is made up of technologies, processes and practices designed to protect networks, computers, and data from attack, damage or unauthorised access. However, because individuals in charge of security may have dissimilar backgrounds and employ different methodologies, they do not always work together as effectively as possible.
Modern physical security systems are fully digitised and often networked, to the point that they have become vulnerable to crippling attacks through cyber vectors, potentially opening the facility to physical intrusions. At the opposite end of the spectrum, some digital assets – such as control room terminals – may rely entirely on restricted physical access for their security. Many other systems are protected through a blend of physical and digital controls, requiring a careful balance and good understanding of synergies.
The effective security of nuclear materials and associated facilities also depends on understanding how physical and cyber assets are connected, and how the vulnerabilities of these assets could be exploited by both physical and cyber threats. When assessing security measures, the following questions need to be considered: what are the potential weaknesses of computer-based physical protection systems and how can they be mitigated? Who is responsible for responding to cybersecurity incidents, and how do they interface with response arrangements in case of physical intrusion? How robust is the IT infrastructure against physical attacks?
For a security programme, developing effective objectives, goals, methodologies and – even more importantly – a language that is shared across its sub-disciplines are the key elements to support the consistent integration and interoperability between its different aspects. At the highest level, all elements of security share the same goal: protecting the assets of a facility from compromise and attacks. The cultural and specific knowledge of physical and cybersecurity may differ broadly, and there are still relatively few specialists who have an in-depth understanding of both fields. Nonetheless, integration is the only path towards comprehensive security, and understanding the building blocks of both disciplines is the first step along that path.
Integration – while an undeniable challenge – should also be seen as an opportunity. It reduces costs, increases operational efficiencies, streamlines the management of security breaches in both domains, allows for more effective forensic investigations, and, crucially, puts the organisation in a stronger position to protect against current and future blended threats.
The purpose of this webinar was to:
The agenda for this webinar consisted of selected speakers who are experts in their field.
Our special guests for the webinar were:
Date: Thursday, 10 June 2021 at 10:00 AM (CEST)
Duration: 60 minutes
Recording: The webinar recording is available here.