entergy nuclear cyber security compliance and management · site staff (site cyber security lead)...
TRANSCRIPT
Entergy Nuclear Cyber Security Compliance and Management
Sparky Soudah | March 12, 2019
Nuclear Regulatory Commission Regulatory Information Conference
2
Entergy At A Glance
• Entergy Corporation is an integrated energy
company engaged primarily in electric power
production and retail distribution operations
• Entergy Nuclear owns, operates, supports
and provides management services to a
national fleet of 10 reactors in 8 locations in
the U.S
• Entergy Nuclear has approximately 7,000
employees
• Entergy owns and operates power plants with
approximately 30,000 megawatts of electric
generating capacity, including approximately
9,000 megawatts of nuclear power
GovernanceEnsure compliance, ownership, accountability and transparency
of program management. Ensure the program's goals and
objectives are aligned with those of the enterprise.
OversightResponsible for assuring the quality of program management
through the performance of reviews, audits, and assessments.
ExecutionExecution of program elements throughout lifecycle including
CDA assessments and the remediation of any identified gaps.
Management of CDA SIEM alerts, threat notifications, and
technical issues.
SupportProvide necessary supplemental support to ensure program
compliance and adequate security posture including execution
of requested activities.
3
Entergy Nuclear Cyber Program Functional Structure
Chief Nuclear Officer Chief Information Officer (CIO)
IT-Operations Technology (OT)
Fleet Nuclear Cyber Security Team
Nuclear Cyber Incident Response Team (NCIRT)
Consulting Members
IT - Operations Technology
Site Staff
(Site Cyber Security Lead)
Cyber Digital Asset (CDA) System Owners
IT, Engineering, Operations, Security, Maintenance,
and Emergency Planning
Supply Chain
Chief Security Office (CSO)
Site Cyber Security Assessment Team (CSAT)
Information Technology, Regulatory Assurance,
Engineering, Operations, Security, and
Emergency Planning
IT Information Security
(w/specialized skill set)
Corporate Consolidated Security Operations
Center (CSOC)
Corporate Technical Cyber Incident Response
Team (TCIRT)
Nuclear Independent Oversight (NIOS)
Fleet Cyber Peer Groups
(Procedures, Infrastructure, Periodic Activities,
Vulnerability Management, CDA Assessments)
Corporate Crisis Response Team
Site Vice President
4
Entergy Nuclear Fleet Oversight and Alignment
Fleet Program Governance, Oversight, and IT Support
Fleet Standard Cyber Training, Procedures, and Work Instructions
Program Reviews and Corrective Action Program
(CAP) Entergy Consolidated Security Operations Center (CSOC) and Incident Response Team
Fleet Nuclear Cyber Security Program Alignment
Fleet Standard Cyber Digital Asset (CDA) Assessment Tool
Fleet Cyber Program Peer Groups
Site IT Managers
are program
leads at each
site and execute
on fleet
directives to
maintain fleet
alignment and
consistency
Enterprise IT
5
Entergy Cyber Security Implementation At A Glance
2 Years of Planning and
Implemented 696 cybersecurity controls at
5 nuclear sites
Performed 13 Engineering Changes and
Returned to Service before Effective Date
Performed approximately 1,500 CDA
Assessments on more than 11,000 CDAs
Integrated alerts with the 24/7 enterprise
Consolidated Security Operations
Center
Installed more than 1000 network and
security devices for Critical Digital
Assets (CDAs)
Approved 21 fleet and site positions
approved to support the Nuclear Cyber
Program
Completed approximately 1,900 Work
Orders and Work Trackers for CDAs
Created or updated 28 Nuclear IT
Procedures and 58 Nuclear Non-IT
Procedures
Cyber Security
program became
effective as NRC
regulated program
on 12/15/2017 for
all sites
6
Entergy Nuclear Cyber Security – NRC Inspections Lessons Learned
Three (3) Inspections completed in 2018 • River Bend Station - May 2018
• Arkansas Unit 1 & 2 - July 2018
• Waterford 3 - November 2018
What went well:• Entergy fleet resources were fully engaged at each individual site NRC inspection
• Clear NRC and Entergy roles, responsibilities, and expectations
• NRC staff was organized and communicated openly with the Entergy team
• NRC understands complexity of program while providing Entergy adequate response time and open dialogue
• NRC open to participation of other Entergy site observers during inspection briefings
• Information week (bag week) – enabled alignment and readiness
Challenges:• Pre-inspection Request For Information (RFI) information required extensive resources and time to organize
• Extensive Entergy resources were engaged during the inspection
7
Entergy Nuclear Cyber Security – Program Success Factors
• Entergy ownership of the program at the corporate and site level
• Effective communication channels maintained between Fleet Cyber Program Management team
and nuclear sites
• Creation of fleet program Peer Groups - Resolve issues and maintain alignment between the sites
• Collaboration with Industry peers and assessments from third party consultants - Diversity of
expertise and experience
• Clear line of communication between the NRC and Entergy
• Operating Experience (OE), observations, and assessment results were used as a cornerstone to
improve compliance and cyber security posture
8
Entergy Nuclear Cyber Security – What’s Next?
• Continue to be self-critical and make improvements
• Streamline cyber security procedures to ensure they are user friendly and align with the Entergy
Security Control Implementation Strategy (SCIS)
• Develop Key Performance Indicators (KPI) for the program
• Engage in industry initiatives on improving implementation of the cyber security rule and the
performance of future NRC inspections
• Improve cyber security training and awareness throughout the organization
9
Entergy Nuclear Cyber Security Compliance and Management