About the International Working Group
How the International Working Group was Formed
Insiders pose a significant threat to nuclear security because they generally possess access rights which, together with their authority and knowledge, grant them far greater opportunity than outsiders to bypass dedicated nuclear security measures.
The Advancing INFCIRC/908 “Mitigating Insider Threats” International Working Group (IWG) was established in 2020 as an outcome of the inaugural International Symposium on Insider Threat Mitigation to facilitate cooperation and sustained engagement on insider threat mitigation measures for nuclear and other radioactive material facilities, organizations, and regulating authorities. The IWG is an international community of practice that provides a unique and common forum to share good practices, discuss challenges, and build upon efforts of other disciplines in advancing insider threat mitigation via practical measures. Co-chaired by the United States and Belgium, the IWG works to raise awareness of issues, develop practical products, and explore impacts of novel developments and trends. The IWG also develops and maintains connections with non-governmental experts, industry, and academia, and determines additional steps to advance the state-of-practice of the international community for insider threat mitigation for nuclear and other radioactive material security.
BACKGROUND: FOUNDATIONAL DOCUMENTS
Did You Know?
For all known cases involving theft of nuclear or other radioactive materials, an insider was involved.
Access, Authority, Knowledge
Insiders possess at least one of the following attributes that provide advantages over external adversaries when attempting malicious activities:
Access
Insiders have authorized access to the areas, equipment and information needed to perform their work. Access includes physical access to nuclear or other radioactive material facilities; nuclear materials and associated systems, components, and equipment; and computer systems. Access also includes remote computer access to a facility, such as access to computer systems and networks that control processes, provide safety, contain sensitive information, or otherwise contribute to nuclear security. The operator should not permit remote access to critical systems, such as systems relevant to safety.
Authority
Insiders are authorized to conduct operations as part of their assigned duties and may also have the authority to direct other employees. This authority may be used to support malicious acts, including either physical or computer-based acts, such as digital file or process manipulation.
Knowledge
Insiders may possess knowledge of the facility, associated activities or systems, ranging from limited to expert knowledge. This may include knowledge that could enable an insider to bypass or defeat dedicated physical protection systems and other facility systems that contribute to nuclear security, such as safety and nuclear material accounting and control (NMAC) systems, operating procedures, and response capabilities.
These attributes may also include access to, or knowledge of, sensitive information or sensitive information assets, including information regarding the transport or movement of nuclear or other radioactive material.
