[Click to view images]

Title:

INFCIRC/908 International Practitioner Workshop for Insider Threat Mitigation at Nuclear & Radiological Facilities

Goal:

To create an interactive hands-on environment focused on the selection and implementation of appropriate insider threat preventive and protective mitigation measures for current practitioners at the site level using a graded approach.

Outcomes:
  • Practitioners will address topics related to trustworthiness & reliability determinations across the employee lifecycle, physical protection and technical measures, cybersecurity and sustainability.
  • Participants will have the opportunity to discuss good practices for the implementation of measures with their peers and receive ideas from the workshop contents.
  • Participants will identify gaps and needs for the INFCIRC/908 Steering Committee to address as a resource to this community of practice
Dates:

September 18–22, 2023

Location:

Sandia National Laboratories, Albuquerque, NM

Key Themes:
  • Trustworthiness & Reliability
    • initial vetting & validation
    • continuous monitoring/behavior observation/fitness for duty
  • Physical Protection & Technical Measures
  • Cybersecurity
  • Maintenance & Sustainability

Download Agenda

2023 Agenda

MONDAY, SEPTEMBER 18

THEME: PRE-EMPLOYMENT VETTING and TRUSTWORTHINESS DETERMINATION

TIME

TOPIC

PRESENTER

7:30 am – 9:00 am

Badging

9:00 am – 9:30 am

Welcome and Introductions

S. Shrum, USA
L. De Laet, Belgium
D. Sandison, USA

9:30 am – 9:45 am

INFCIRC/908 Overview

K. Holt, USA
G. Wolf, USA

9:45 am – 10:15 am

Safety Briefing, Agenda Review

S. Spence, USA/L. Lockett, USA

10:15 am – 10:30 am

Break

10:30 am – 11:30 am

Event Kickoff

Discussion on types of insider threat mitigation and considerations moving into the week.

Doel-4 case study presentation

K. Holt, USA
G. Wolf, USA
D. Brams, Belgium

11:30 am – 12:45 pm

Lunch

Trustworthiness & Reliability FG presentation and 908 Lexicon + ITM FG Products presentation PDF

Brief presentation from the Trustworthiness & Reliability Focus Group and an overview of the 908 Lexicon and insider threat mitigation focus group products available to 908 subscribers

F. Wong, USA
M. Cravens, USA
L. De Laet, Belgium

12:45 pm – 1:15 pm

Initial Trustworthiness Determination PDF

Presentation on the initial trustworthiness determination processes and approaches used by the Department of Energy

J. Atencio, USA

1:15 pm – 1:45 pm

Initial Trustworthiness Determination PDF

Presentation on the initial trustworthiness determination processes and approaches used by the Nuclear Regulatory Commission

M. Resner, USA

1:45 pm – 2:15 pm

Initial Trustworthiness Determination PDF

Presentation on the initial trustworthiness determination processes and approaches used in Belgium

L. De Laet, Belgium

2:15 pm – 2:30 pm

Break

2:30 pm – 3:15 pm

Critical Position Identification PDF

A brief recap and small group discussion of what was experienced during the day and participant answers and discussion to focus group questions. Participants will report back to the larger group on the results of their discussion and answer MENTI questions facilitated by a moderator.

J. Davenport, USA

3:15 pm – 4:30 pm

Small Group Discussion PDF

A brief recap and small group discussion of what was experienced during the day and participant answers and discussion to focus group questions. Participants will report back to the larger group on the results of their discussion and answer MENTI questions facilitated by a moderator.

Moderators
J. Landers, USA (NPP)
J. Atencio, USA (RR)
L De Laet, Belgium
M. Dunning, USA (Rad Facilities)
F. Wong, USA

TUESDAY, SEPTEMBER 19

THEME: PRE-EMPLOYMENT VETTING and TRUSTWORTHINESS DETERMINATION

TIME

TOPIC

PRESENTER

8:00 am – 8:15 am

Morning Welcome, Agenda Review

S. Spence/L. Lockett, USA

8:15 am – 9:15 am

PANEL: Measures for Continued Reliability

Panel discussion on the psychological, regulatory, security and management aspects of continuous observation; effective communication; and the role of regulatory bodies and facility management

J. Landers, USA
J. Rogers, USA
M. Resner, USA
R. Clark, USA
J. Atencio, USA

9:15 am – 11:15 am

EXERCISE: Interview Techniques

Exercise in which participants will take part in a scenario that demonstrates the importance of a behavioral observation program.

L. De Laet, Belgium
F. Wong, USA

10:45 am – 12:00 pm

PANEL: Understanding and Evaluating Aberrant Behaviors: Unmasking Potential Insider Threats

Panel discussion on identifying potential insider threats from the perspectives of a psychologist, an intelligence analyst, and a security investigator.

J. Landers, USA
G. Hendrickson, USA
J. Crawford, USA

12:00 pm – 12:15 pm

Workshop Photo

All

12:15 pm – 1:30 pm

Lunch

National Policy & Regulatory Frameworks FG presentation

Brief presentation from the National Policy & Regulatory Frameworks Focus Group PDF

C. Noonan, USA
(delivering virtually)

1:30 pm – 2:30 pm

EXERCISE: Nuclear Security Culture

Scenario-based exercise in which participants use the results of a self-assessment to consider nuclear security culture.

L. De Laet, Belgium
M. Dunning, USA

3:30 pm – 3:45 pm

Break

3:45 pm – 4:45 pm

Small Group Discussion PDF

A brief recap and small group discussion of what was experienced during the day and participant answers and discussion to focus group questions. Participants will report back to the larger group on the results of their discussion and answer MENTI questions facilitated by a moderator.

Moderators
J. Landers,
J. Atencio
L De Laet, Belgium
M. Dunning, USA
(Rad Facilities)
F. Wong, USA

4:45 pm – 5:15 pm

Mock Facility Flyover (Scribe3D ©)

A virtual tour of the mock facilities used for training and demonstrations during this workshop.

S. Spence, USA

WEDNESDAY, SEPTEMBER 20

THEME: PHYSICAL PROTECTION and TECHNICAL MEASURES

TIME

TOPIC

PRESENTER

8:00 am – 8:15 am

Morning Welcome, Agenda Review

S. Spence/L. Lockett, USA

8:15 am – 9:15 am

PANEL: Emerging Technologies PDF, AI PDF, Social Media PDF

Panel on emerging technologies in the areas of artificial intelligence, social media, and artificial neural networks and how they relate to insider threat mitigation

Moderator: N. Noro, Japan
A. Evans, SNL
S. Abbott, SNL
J. Landers, ORNL

9:15 am – 9:30 am

Mock Facility Prep

Safety briefing, security requirements, and brief overview of what to expect

L. Lockett/J. Lewis, USA

9:15 am – 9:30 am

Mock Facility Prep

Safety briefing, security requirements, and brief overview of what to expect

L. Lockett/J. Lewis, USA

9:30 am – 11:30 am

Mock Facility – Research Reactor/Medical Facilities

Nuclear Power Plant (NPP) Group

  • Sensor Test and Evaluation Center (STEC) Entry Control Point PDF

    • Demonstration and discussion on NPP contraband detection policies, procedures, and good practice and how it relates to insider threat mitigation

  • Integrated Security Facility (ISF) Material Receiving Area (MRA) Vault PDF

    • Demonstration and discussion on NPP material receipt and secure storage policies, procedures, and good practice and how it relates to insider threat mitigation

J. Lewis, USA

N. Pope, USA

Research Reactor (RR) Group

  • Spent Fuel Cooling Pond

    • Demonstration and discussion considering how potential sabotage could be conducted at a RR, two-person rule, and other policies, procedures, and good practice to mitigate potential insider threat

  • Pump Room

    • Demonstration and discussion considering how potential sabotage could be conducted at a RR, appropriate access control, and other policies, procedures, and good practice to mitigate potential insider threat

J. Lieberman, USA
R. Clark, USA
A. Coates, USA

Rad Sources Group

  • Insider Theft Case Study

    • Overview of the Jared Atkins case (video) and discussion on insider threat, response, polices, procedures, and good practice.

  • CAS Discussions and Demonstration

    • Demonstration and discussion on central alarm station policies, procedures, and good practice. Includes considerations on insider threat and mitigations.

C. Lopez, USA
J. Walker, USA

D. Adams, USA
G. Wagner, USA
B. Smith, USA

11:30 am – 1:00 pm

Lunch

Physical Protection & Technical Measures FG presentation PDF

Brief presentation from the Physical Protection & Technical Measures Focus Group

P. Blackmore, Canada

1:00 pm – 3:00 pm

Mock Facility – Nuclear Power Plant/Research Reactor

NPP Group

  • Pump Room PDF

    • Demonstration and discussion considering how potential sabotage could be conducted at an NPP, appropriate access control, and other policies, procedures, and good practice to mitigate potential insider threat

  • Spent Fuel Cooling Pond PDF

    • Demonstration and discussion considering how potential sabotage could be conducted at an NPP, two-person rule, and other policies, procedures, and good practice to mitigate potential insider threat

R. Clark, USA
A. Coates, USA

RR Group

  • STEC Entry Control Point PDF

    • Demonstration and discussion on RR contraband detection policies, procedures, and good practice and how it relates to insider threat mitigation

  • ISF MRA Vault

    • Demonstration and discussion on NPP material receipt and secure storage policies, procedures, and good practice and how it relates to insider threat mitigation

J. Lewis, USA

N. Pope, USA

Rad Sources Group

  • Physical Protection Demo

    • Discussion on how physical protection relates to insider threat mitigation, good practice, maintenance, and an overview of in-device delay.

  • Sentry RMS and Sentry Secure Demo

    • Demonstration of Sentry RMS and Sentry Secure and discussion on good practice, insider threat mitigation that programs and processes that software like this provide, etc.

D. Adams, USA
G. Wagner, USA
B. Smith, USA
M. Van Den Avyle, USA

D. Adams, USA
B. Smith, USA
C. Lopez, USA

3:00 pm – 3:15 pm

Break

3:15 pm – 4:30 pm

Small Group Discussion PDF

A brief recap and small group discussion of what was experienced during the day and participant answers and discussion to focus group questions. Participants will report back to the larger group on the results of their discussion and answer MENTI questions facilitated by a moderator

Moderators
J. Landers,
J. Atencio
L De Laet, Belgium
M. Dunning, USA
(Rad Facilities)
F. Wong, USA

6:00 pm – 8:00 pm

Workshop Dinner

All

THURSDAY, SEPTEMBER 21

THEME: CYBERSECURITY (Morning) – MAINTENANCE & SUSTAINABILITY (Afternoon)

TIME

TOPIC

PRESENTER

8:00 am – 8:15 am

Agenda Review, Safety Briefings, etc.

S. Spence/L. Lockett, USA

8:15 am – 9:00 am

Foundational Cybersecurity for General Staff

Presentation on good practice, policies, and procedures for cybersecurity for facility staff and how this supports mitigating insider threat.

C. Nickerson, USA
M. Fabro, Canada

9:00 am – 10:15 am

EXERCISE: Camera Tampering Cyber Attack

Scenario-based exercise in which participants are able to see a demonstration of a camera tampering cyber-attack, recovery, and potential mitigations.

C. Nickerson, USA
M. Fabro, Canada

10:15 am – 10:30 am

Break

10:30 am – 11:30 am

DEMONSTRATION: Cybersecurity Countermeasures

Demonstration, overview, and discussion of cybersecurity countermeasures used to detect, delay, and respond to activities needed to accomplish camera tampering.

C. Nickerson, USA
M. Fabro, Canada

11:30 am – 12:45 pm

Lunch

Cybersecurity FG presentation

Brief presentation from the Cybersecurity Focus Group

M. Cravens, USA

1:00 pm – 3:00 pm

Mock Facility Prep

Safety briefing, security requirements, and brief overview of what to expect

L. Lockett/J. Lewis, USA

1:00 pm – 3:00 pm

Mock Facility

NPP Group

  • Pump Room PDF

    • Demonstration and discussion on maintenance considerations at an NPP and policies, procedures, and good practice for insider threat mitigation.

  • CAS Network Room

    • Demonstration and discussion on computer maintenance considerations at an NPP and policies, procedures, and good practice for insider threat mitigation.

R. Clark, USA
A. Coates, USA
N. Pope, USA

C. Nickerson, USA
M. Fabro, Canda

RR Group

  • CAS Network Room

    • Demonstration and discussion on computer maintenance considerations at a RR and policies, procedures, and good practice for insider threat mitigation.

  • Pump Room

    • Demonstration and discussion on maintenance considerations at a RR and policies, procedures, and good practice for insider threat mitigation.

C. Nickerson, USA
M. Fabro, Canada

J. Lieberman, USA
R. Clark, USA
A. Coates, USA
N. Pope, USA

Rad Sources Group

  • ORS Capacity Building

    • Discussion on capacity building and demonstration of the RSAR Trailer, its uses, and its impact on insider threat mitigation for facilities with radiation sources.

  • Reality-Based Training

    • Demonstration and discussion on reality-based training and insider threat response and mitigation using the VirTra System.

C. Lopez, USA,
C. Gravett, USA

C. Lopez, USA

2:45 pm – 3:45 pm

PANEL: Contracted Maintenance/Supply Chain Vulnerabilities (24)

Panel on contracted maintenance and supply chain vulnerabilities as they relate to insider threat mitigation.

Moderator: R. Clark

T. Danek PDF

B. Cuypers PDF

3:45 pm – 4:00 pm

Break

4:00 pm – 5:00 pm

Small Group Discussion PDF

A brief recap and small group discussion of what was experienced during the day and participant answers and discussion to focus group questions. Participants will report back to the larger group on the results of their discussion and answer MENTI questions facilitated by a moderator.

Moderators
C. Nickerson,
M. Fabro,
L De Laet, Belgium
M. Dunning, USA
(Rad Facilities)
F. Wong, USA

FRIDAY, SEPTEMBER 22

THEME: INFCIRC 908 WORKING GROUPS and ACADEMIA

TIME

TOPIC

PRESENTER

8:00 am – 8:15 am

Agenda Review, Safety Briefings, etc.

S. Spence/L. Lockett, USA

8:15 am – 9:15 am

MENTI Gaps/Needs and Results

Overview and discussion of the MENTI polling results from the small group discussions held throughout the week and identification of gaps highlighted in those discussions.

K. Holt, USA
F. Wong, USA
L. De Laet, Belgium

9:15 am – 11:15 am

EXERCISE: Integrated Measures

Scenario-based, blended physical protection and cybersecurity exercise.

F. Wong, USA

11:15 am – 11:30 am

Break

11:30 am – 12:30 pm

Cultural Influences Interactive Session PDF

Presentation based on Hofstede’s six dimensions of culture and how they can be applied to nuclear security culture, followed by a group discussion with workshop participants.

Dr. C. Speranza, USA

12:30 pm – 1:45 pm

Lunch

PANEL: National and Organizational Culture Influences on Nuclear Security Culture

Panel on embracing diversity in organizational culture and how difference cultures and backgrounds within an organization has/could affect nuclear security culture.

Moderator: Dr. C. Speranza, USA
D. Brams
Dr. M. Zinnedin, USA

1:45 pm – 2:00 m

Security Culture FG presentation PDF

Brief, 15-minute presentation from the Security Culture Focus Group

E. Rogers, USA
Z. Stefanka, Hungary

2:00 pm – 2:15 pm

Course evaluation

Workshop evaluation for participants to complete based on their experiences this week.

All

2:15 pm – 2:30 pm

Closing Remarks

2:30 pm

Adjournment

Sponsored by: National Nuclear Security Administration Federal Agency for Nuclear Control
Contact Us