Background
As existing nuclear facilities are modernised and new ones constructed, their dependence on digital systems is increasing dramatically. This includes the integration of digital systems into everything from business systems to nuclear safety and security systems. These digital technologies are generally categorised as Information Technology (IT) or Operational Technologies (OT). This growing dependence on digital systems brings an ever increasing need to implement strong defense measures to protect digital systems, both IT and OT, from compromise.
Cybersecurity is the protection of digital systems and the information contained within these systems against cyberattacks. Specifically, cybersecurity seeks to protect the confidentiality, integrity and availability of digital systems and the associated data and processes they maintain. Cybersecurity is a subset of information security which looks at the broader protection of information in both digital and physical form. Along with physical protection, cybersecurity needs to be part of the overall security strategy at a nuclear facility, and enhancing cybersecurity capabilities in the nuclear industry is a main priority for WINS.
Objectives
The objective of this five-day in person training course is to build awareness of the cyberthreat and risks to nuclear facilities. The course will cover how to implement cybersecurity to manage and reduce the risk, prevent, detect, delay and recover from a cyberattack. The course also serves as a venue for information sharing on operator experience related to implementing cybersecurity and developing a cyber-aware culture at nuclear facilities.
This training is derived from the WINS Academy module on Cybersecurity in the Nuclear Industry (CYBSEC2) and the WINS Best Practice Guide Cybersecurity in a Nuclear Facility. On completion of the training and course evaluation delagates will be offered the addtional opportunity to access the CYBSEC2 online learning and to take the exam at a PearsonVue Test Centre or OnVUE online proctored exam, to achieve certification and become a WINS Certified Nuclear Security specialisation Professional (CNSsP) status should they wish to (individual preference). The certification is reognised by the UK National College for Nuclear (NCfN) and Internationally by the IAEA INFCIRC 901.
Audience
The target audience of this training are delegates from the UK who have a responsiblity for operations of IT and OT systems and equipment and delegates who have a responsiblity for managing and leading cybersecurity to protect UK nuclear assets from potential cyberthreats. The course is also applicable for non UK based international degelates wishing to gain further learning on cybersecurity for the nuclear sector and have a fluent understanding of the English language,
- Facility Operators and Engineers of OT and IT systems
- Cyber and Threat Analysts
- Government officials and Security Officers
- Regulatory Inspectors
The course has been designed for anyone new to cybersecurity within the nuclear sector and individuals with no or limited Operational Technology (OT) experience. The training will also benefit CISOs and SIRO's who are looking for a better understanding of cybersecurity and in particular the balance of IT versus OT. Placing everything firmly into a nuclear context.
There are 24 delegate places available. Nuclear industry professionals including female practitioners from diverse backgrounds and people with diverse gender identities are encouraged to apply.
Process
The course will be delivered by a team of tutors with extensive and first hand knoweldge of cybersecurity in the UK and International nuclear sector. Discussion will also focus on relevant cybersecurity incidents and the lessons learned from these events and the lectures will use scenario-based discussions,deomostrations and group exercises related to implementing and managing cybersecurity at a fictitious nuclear power plant to embed the learning. Participant discussions and questions are greatly encouraged.
The training course will be held in English. As with all WINS events, the discussions will be unclassified but subject to Chatham House rules (what was said can be reported, but not attributed).
The venue for the training course is The School of Computing and Communications, InfoLab21, Lancaster University, Lancaster, United Kingdom LA1 4WA
Note: Refreshments and food will be provided during the course and a soiree social evening will be organisaed in the InfoLab21 Skylounge on one of the evenings. Dietary intolerances should be advised dusing registration for attending the training course, so these can be accomodated.
The per delegate fee for attending the training course is 2850.00 GBP
Delegates will also need to arrange suitable travel and accommodation. It is recommended that delegates book as early as possible to secure accomodation in close proximity to the Lancaster University (LU) campus. The closest hotel is Lancaster House Hotel, which is situated next to the LU south campus, with footpath connection and a 5 minute walk to InfoLab21. Alternatively, on the LU campus and 10 minutes walk to InfoLab21 is the is onsite: Bed & Breakfast - Lancaster University Addtional hotels are avaialble in Lanacaster, approximately 10 minutes drive from the LU Campus.
Registration is requested as soon as possble for delegate places to be secured. Once registration is confirmed this will be followed up for invoicing and payment to be made prior to attendingthe training.
