Background
As existing nuclear facilities are modernised and new ones constructed, their dependence on digital systems is increasing dramatically. This includes the integration of digital systems into everything from business systems to nuclear safety and security systems. These digital technologies are generally categorised as Information Technology (IT) or Operational Technologies (OT). This growing dependence on digital systems brings an ever increasing need to implement strong defense measures to protect digital systems, both IT and OT, from compromise.
Cybersecurity is the protection of digital systems and the information contained within these systems against cyberattacks. Specifically, cybersecurity seeks to protect the confidentiality, integrity and availability of digital systems and the associated data and processes they maintain. Cybersecurity is a subset of information security which looks at the broader protection of information in both digital and physical form. Along with physical protection, cybersecurity needs to be part of the overall security strategy at a nuclear facility, and enhancing cybersecurity capabilities in the nuclear industry is a main priority for WINS.
Objectives
The objective of this five-day in person training course is to build awareness of the cyberthreat to nuclear facilities and to discuss the implementation of cybersecurity to reduce the risk from cyberattack. The course also serves as a venue for information sharing on operator experience related to implementing cybersecurity and developing a cyber-aware culture at nuclear facilities.
This training is derived from the WINS Academy module on Cybersecurity in the Nuclear Industry (CYBSEC2) and the WINS Best Practice Guide Cybersecurity in a Nuclear Facility. On completion of the training delegates will be provided access to the CYBSEC2 online learning and an exam voucher, to achieve certification and become a WINS Certified Nuclear Security specialisation Professional (CNSsP) status should they wish to (individual preference). The certification is recognised by the UK National College for Nuclear (NCfN) and Internationally by the IAEA INFCIRC 901.
Audience
The target audience of this activity are delegates from the UK who have a responsiblity for managing and leading cybersecurity to protect UK nuclear assets from potential cyberthreats. The course is also applicable for non UK based international degelates wishing to gain furhter learning on cybersecurity for the nuclear sector and have a fluent understaning of the English language,
- Operators and Engineers of OT and IT systems
- Government officials
- Regulators
The course has been designed for anyone new to cybersecurity within the nuclear sector and individuals with no or limited Operational Technology (OT) experience. The training will also benefit CISOs and SIRO's who are looking for a better understanding of cybersecurity and in particular the balance of IT versus OT. Placing everything firmly into a nuclear context.
There are a maximum of 20 delegate places available. Nuclear industry professionals including female practitioners from diverse backgrounds and people with diverse gender identities are encouraged to apply.
Process
The course will be delivered by a team of tutors with extensive and first hand knoweldge of cybersecurity in the UK and International nuclear sector. Discussion will also focus on relevant cybersecurity incidents and the lessons learned from these events and the lectures will use scenario-based discussions,deomostrations and group exercises related to implementing and managing cybersecurity at a fictitious nuclear power plant to embed the learning. Participant discussions and questions are greatly encouraged.
The training course will be held in English. As with all WINS events, the discussions will be unclassified but subject to Chatham House rules (what was said can be reported, but not attributed).
The venue for the training course is The School of Computing and Communications, InfoLab21, Lancaster University, Lancaster, United Kingdom LA1 4WA
Note: Refreshments and food will be provided during the course and a soiree social evening will be organisaed in the InfoLab21 Skylounge at the end of Day 2. Dietary intolerances should be advised dusing registration for attending the training course, so these can be accomodated.
The per delegate fee for attending the training course is 2850.00 GBP
Delegates will also need to arrange suitable travel and accommodation. It is recommended that delegates book as early as possible to secure accomodation in close proximity to the Lancaster University (LU) campus. The closest hotel is Lancaster House Hotel, which is situated next to the LU south campus, with footpath connection and a 5 minute walk to InfoLab21. Alternatively, on the LU campus and 10 minutes walk to InfoLab21 is the is onsite: Bed & Breakfast - Lancaster University
The registration deadline is 23 August 2024 to request a delegate place. Confirmation for attendance and an invoice for payment will be provided after the registration has been receieved, for payment to be made in full to secure a delegate place.
