1 Nuclear Cyber Security Considerations BY LEENOLD T

1 Nuclear Cyber. Security Considerations. BY LEENOLD T NDALAMA (CEH | SOPHOS | CISCO | MSC [STELLENBOSCH] )

2 Overview Abstract. What is Nuclear Cyber. Securiy? Implementation guide. Recommendations & research. Questions. Conclusion.

3 ABSTRACT Cybercrime is widespread and rapidly increasing unabated in many institutions, government departments and in the private sector, as they are at odds in finding effective Cyber. Security strategies to combat the new vice. The threats of nuclear attacks backed-up by cyber-espionage have become a global issue to which the rate in is rising exponentially. My concern is to address the challenges on Nuclear Cyber. Security, backed up by any form of attack. The vulnerability in Io. T (Internet of Things) devices, scarce Cyber. Security experts, lack of Cyber. Security awareness and significant growth in Internet penetration are issues creating new opportunities for different types of attacks.

4 What is Nuclear Cyber. Security? Nuclear Cyber. Security is simply defined as the application of Cyber. Security measures put in place to guard nuclear-sensitive information and assets against digital adversaries in a nuclear environment. Cyber. Security is a broad term that covers the whole spectrum of information and computer security, so considering the risk associated with compromising nuclear security, it is imperative that Cyber. Security in a Nuclear environment be properly understood and customised to meet the requirements and to enhance nuclear safety and security. The nuclear sensitive-information security classification model should be put in place and corresponding measures should be put in place to attain the set objectives.

5 Implementation Guide. NSI Classification model. The responsible regulatory Regular backups. Fault tolerance and failover should be a trait of the systems in order to enhance business continuity in case of a disaster. Backups should be done regularly and a DRP should be in place. UTM & Endpoint security. Packet traversal Management commitment. The success of implementing Nuclear Cyber. Security depends with the commitment from management, so managerial buy in is very much important. This also stresses the importance of awareness programs. Awareness programs. A security system is as Nuclear Security Detection Architecture. This is the responsibility of the state and it is imperative to address the Cyber. Security issues at that level, so that commitment and direction cascades from the top to the bottom of the chain. Information Security & Computer Security policy. The policy should conform to the international standards & best practices and should be implemented. Local Area Network (LAN). The LAN should be well defined in a manner that all weak points can be identified, thus, reducing the attack surface. within the LAN should be secure. Traffic from the WAN should pass through a firewall so as to enhance security. strong as its weakest link (untrained user), but can be great if properly educated, and building a cybersecurity culture. body for nuclear material should develop the NSI classification model that will be adopted by all facilities. This model should adhere to international standards, IAEA standards and recommendations.

6 Recommendations & Research. Zero-trust security model, implemented with micro-segmentation. This is an effective model to implement at facilities with very sensitive nuclear information (category 1&2) since the interception of such information would be drastic. The use of Machine Learning (ML) in Nuclear-Cyber. Security to predict breaches and respond to certain occurrences. A central threat intelligence platform that serves as a repository of information concerning failed and successful breaches will go a long way in equipping facilities with the relevant tools to combat new vices. The IAEA in collaboration with experts in nuclear safety & security and Cyber. Security experts can work together to develop customized tools that particularly address Cyber. Security issues that are unique to NSI and related facilities.

7 Questions & Conclusion. There is a trend of Cyber. Threats that has been observed over the years and it is important that we understand the prospective nature of threats that may ocurr like sophisticated AI tools and spear-phishing. Concerning these trends and prospective actions, organisations should take a proactive stance to protect themselves against current threats and those that are likely to come. This entails that it is important to invest in research and development and also to keep abreast with the technological advancements within the Cyber. Security fraternity.

8 THE END. . ANY QUESTIONS ? ?