About

How the International Working Group was Formed

Insiders pose a significant threat to nuclear security because they generally possess access rights which, together with their authority and knowledge, grant them far greater opportunity than outsiders to bypass dedicated nuclear security measures.

The Advancing INFCIRC/908 “Mitigating Insider Threats” International Working Group (IWG) was established in 2020 as an outcome of the inaugural International Symposium on Insider Threat Mitigation to facilitate cooperation and sustained engagement on insider threat mitigation measures for nuclear and radiological facilities, organizations, and regulating bodies. The IWG is an international community of practice that provides a unique forum to share good practices, discuss challenges, and explore the implementation of other disciplines to advance the global state of insider threat mitigation for nuclear and other radioactive material security. Co-Chaired by the United States and Belgium, the IWG discusses a broad range of insider threat mitigation-related issues, including identifying emerging trends that may require more focused attention. The IWG also develops and maintains linkages to non-governmental experts, industry, and academia, and determines additional steps to advance the state-of-practice of the international community for insider threat mitigation for nuclear security.

This website serves as a “one-stop” portal for information, activities, events, and products of the IWG. When available, the international community is invited to download and use the IWG products and view the presentation materials from events. Some products are available in other languages in addition to English.

BACKGROUND: FOUNDATIONAL DOCUMENTS

INFCIRC/908 Revision 1 INFCIRC/908 Fact Sheet

Did You Know?

For all known cases involving theft of nuclear or other radioactive materials, an insider was involved.

Access, Knowledge, Authority

Insiders possess at least one of the following attributes that provide advantages over external adversaries when attempting malicious activities:

Access

Insiders have authorized access to the areas, equipment and information needed to perform their work. Access includes physical access to nuclear facilities; nuclear materials and associated systems, components, and equipment; and computer systems. Access also includes remote computer access to a facility, such as access to computer systems and networks that control processes, provide safety, contain sensitive information, or otherwise contribute to nuclear security. The operator should not permit remote access to critical systems, such as systems relevant to safety.

Authority

Insiders are authorized to conduct operations as part of their assigned duties and may also have the authority to direct other employees. This authority may be used to support malicious acts, including either physical or computer-based acts, such as digital file or process manipulation.

Knowledge

Insiders may possess knowledge of the facility, associated activities or systems, ranging from limited to expert knowledge. This may include knowledge that could enable an insider to bypass or defeat dedicated physical protection systems and other facility systems that contribute to nuclear security, such as safety and nuclear material accounting and control (NMAC) systems, operating procedures, and response capabilities.

These attributes may also include access to, or knowledge of, sensitive information or sensitive information assets, including information regarding the transport or movement of nuclear material.

Sponsored by: National Nuclear Security Administration Federal Agency for Nuclear Control