Cyber Security Management – Regulatory Compliance

Nuclear power reactor licensees must be prepared to demonstrate that they have assessed publicly available vulnerabilities and implemented appropriate cybersecurity controls in alignment with their site Cybersecurity Plan (CSP). These activities can be extremely labor-intensive and error-prone.

Cyberwiz-Pro (CWP) automates many aspects of cybersecurity management, including CDA assessments, vulnerability management, configuration management, and the data required for NRC inspection readiness.

NEI 08-09 Cyber security Concept

CWP streamlines and simplifies the CDA and Vulnerability Assessment processes and tracks the gaps in the current security control implementation. It ensures that the highest quality cybersecurity program is maintained, and any potential risks are mitigated.  If the identified control gaps require engineering design changes, those changes are tracked and closed using the plant’s Engineering Change (EC) process or, when possible, internal work management process. Following the engineering changes, CWP is used to assess the cybersecurity posture of the plant on an ongoing basis, including periodic activities and audits, detection, and assessment of applicable vulnerabilities. Additionally, CWP acts as the System of Record for internal and external regulatory compliance needs.

  • Shared CDA and CVE data
  • A single tool for CDA and vulnerability assessment
  •  Highly scalable and flexible architecture
  • Support for industry methodologies
  • Role-based access control
  • Flexible integration API
  • Advanced reporting and dashboards
  • RG 5.71/NEI 08-09 and custom security controls
  • Full support for NEI 13-10 and Addendum
  • Structured/SCIS based Assessment support
  • Easy data migration templates
  • Integrated configuration management
  •  Consistent user interface
  • Gain control over your cybersecurity program
  • Streamline the Assessment process
  • Document who did what, when, where, why, and how.
  • Ensure a “living” and compliant program
  • Eliminate duplication of work, inconsistencies, and errors
  • Enable communication across teams

Get More Info

To manage and maintain a successful nuclear cybersecurity program and remain compliant with NRC, you need a software application that has an established track record in the nuclear industry and it was meant for the job. Homegrown databases and tools, which severally lack the depth and functionality needed to support the complex and continuously evolving requirements are no longer the solution; they will not yield cost-effective and reliable results. WizNucleus Cyberwiz-Pro has been around for years and has a successful history of helping lower the overall cost of managing the cyber security program. Cyberwiz-Pro gives you full visibility into your program activities, including who did what, when, why, where and how.

Cyberwiz-Pro was built ground up and comes ready with security control content, nuclear business processes and automation needed to help meet the changing industry and regulatory requirements. Cyberwiz-Pro has a proven track record in the industry. Since its release in 2011, the software has gone through multiple revisions, including the support for NEI 08-09 Rev 6, NEI 13-10 v5, NEI 10-09, NEI 10-04 and the Ongoing Monitoring requirements.

A number of NPP customers have successfully deployed Cyberwiz-Pro, resulting in significant productivity gain. With unmatched depth, automation and flexibility, Cyberwiz-Pro not only helps reduce the Milestone 8 burden but also simplifies your transition from NEI 08-09 project to program.

Cyberwiz-Pro is developed on the Microsoft technology platform and is deployed as an on-premise turn-key system. It supports virtual server appliances or can be installed on customer’s physical servers.

Cybewiz-Pro is designed to help you meet various requirements of Milestone 8 and beyond.