Background
As existing nuclear facilities are modernised and new ones constructed, their dependence on digital systems is increasing dramatically. This includes the integration of digital systems into everything from business systems to nuclear safety and security systems. These digital technologies are generally categorised as Information Technology (IT) or Operational Technologies (OT). This growing dependence on digital systems brings an ever increasing need to implement strong defense measures to protect digital systems, both IT and OT, from compromise.
Cybersecurity is the protection of digital systems and the information contained within these systems against cyberattacks. Specifically, cybersecurity seeks to protect the confidentiality, integrity and availability of digital systems and the associated data and processes they maintain. Cybersecurity is a subset of information security which looks at the broader protection of information in both digital and physical form. Along with physical protection, cybersecurity needs to be part of the overall security strategy at a nuclear facility, and enhancing cybersecurity capabilities in the nuclear industry is a main priority for WINS.
Objectives
The objective of this five-day in person training course is to build awareness of the cyberthreat to nuclear facilities and to discuss the implementation of cybersecurity to reduce the risk from cyberattack. The course also serves as a venue for information sharing on operator experience related to implementing cybersecurity and developing a cyber-aware culture at nuclear facilities.
This training is derived from the WINS Academy module on Cybersecurity in the Nuclear Industry (CYBSEC2) and the WINS Best Practice Guide Cybersecurity in a Nuclear Facility. On completion of the training delegates will be provided access to the CYBSEC2 online learning and an exam voucher, to achieve certification and become a WINS Certified Nuclear Security specialisation Professional (CNSsP) status should they wish to (individual preference). The certification is recognised by the UK Natioanal College for Nuclear (NCfN) and Internatiuonally by the IAEA INFCIRC 901.
Audience
The main target audience of this activity are delegates from the United Kingdom (UK):
- Operators/licensees
- Nuclear industry organisations
- Academia
- Government officials
- International and non-governmental organisations
- Regulators
There are 24 delegate places available. Nuclear industry professionals including female practitioners from diverse backgrounds and people with diverse gender identities are encouraged to apply.
Process
The course will be delivered by a team of tutors with extensive and first hand knoweldge of cybersecurity in the UK and International nuclear sector. Discussion will also focus on relevant cybersecurity incidents and the lessons learned from these events and the lectures will use scenario-based discussions,deomostrations and group exercises related to implementing and managing cybersecurity at a fictitious nuclear power plant to embed the learning. Participant discussions and questions are greatly encouraged.
The training course will be held in English. As with all WINS events, the discussions will be unclassified but subject to Chatham House rules (what was said can be reported, but not attributed).
The venue for the training course is The School of Computing and Communications, InfoLab21, Lancaster University, Lancaster, United Kingdom LA1 4WA
Note: Refreshments and food will be provided during the course and a soiree social evening will be organisaed in the InfoLab21 Skylounge at the end of Day 1. Dietary intolerances should be advised dusing registration for attending the training course, so these can be accomodated.
The per delegate fee for attending the training course is 2850.00 GBP (vat exempt)
Delegates will also need to arrange suitable travel and accommodation. It is recommended that delegates stay in close proximity to the Lancaster University (LU) campus. The closest hotel is Lancaster House Hotel, which is situated next to the LU south campus, with footpath connection and a 5 minute walk to InfoLab21. Alternatively, on the LU campus and 10 minutes walk to InfoLab21 is the is onsite: Bed & Breakfast - Lancaster University
The registration deadline is 19 February 2024 to request a delegate place. Confirmation for attendance and an invoice for payment will be provided shortly after the registration has been receieved, for payment to be made in full by 15 March 2024 to secure a delegate place.
