New Features to Support NEI 13-10 Revision 4 Deliver Major Out-of-the-Box Efficiencies, Cost-Savings, and Program Sustainability.
NEW YORK, NY–February 16, 2016 – Today, WizNucleus announced a new release of Cyberwiz-Pro (CWP) that supports the latest revision of Nuclear Energy Institute, NEI 13-10, delivering major efficiencies during the Milestone Cyber Asset Assessment process. The NEI guidance states that nuclear power plants must assess each critical digital asset (CDA) a minimum of every 24 months to verify all the applicable cyber security controls. With hundreds of control questions for each Critical Digital Asset (CDA), this can be a very time-consuming process. By utilizing the NEI 13-10 guidance on “Type” assessments, common controls, and inherited controls, CWP allows CDAs to be grouped by user-defined class of asset based on CDA characteristics. These classes allow utilities to avoid performing full NEI 08-09 assessments individually on all of their CDA’s. By grouping CDAs by classes, they can also perform a more simplified 13-10 consequence assessment to determine if a full NEI 08-09 assessment is required.
A major US nuclear plant customer states, “By using CWP from WizNucleus, we expect to save at least a million dollars per Milestone Assessment. Furthermore, we are seeing a significant reduction in errors associated with control application across our fleet, because CWP provides strong and sustainable consistency.”
CWP also incorporates a “Type Assessment” methodology for direct CDA’s allowing for the maximum grouping for assessments while maintaining individual reports. Using the Type Assessment process, the user can define which devices fall into what class/category and make pre-defined determinations as to how they are being protected. Using CWP’s automation capability and flexibility, nuclear plants can dramatically improve efficiencies and create a sustainable program. Leveraging these predefined responses and processes will be crucial when the program is handed from the Cyber teams to the Engineering teams. The engineering teams can then access previous assessments and create revisions for the periodic reviews.
“The combination of incorporating the NEI 13-10 guidance and streamlining techniques such as Type Assessments into CWP allows nuclear companies to reduce the effort it takes to become inspection ready,” said Krish Shetty CEO WizNucleus. “Our ability to help customers optimize their Security Control Implementation Strategy (SCIS) and configure it into CWP provides a powerful overall solution for a sustainable and efficient compliance program across the fleet.”
WizNucleus will be presenting at the Cyber Security Implementation workshop in Seattle, WA March 1-3, 2016.
About WizNucleus: WizNucleus is focused on delivering a purpose-built software suite for achieving cyber security and compliance in Industrial Control Systems/Operation Technology (ICS/OT) environments. Starting in the nuclear power industry where the most rigorous compliance challenges exist, WizNucleus has a track record of delivering results. The WizNucleus software platform is built specifically to address the evolving cyber security standards such as NEI 08-09, NEI 13-10 and NERC CIP for the critical infrastructure. In a single software platform, WizNucleus delivers security and compliance tracking, security controls assessment, change management, and risk assessment. https://www.wiznucleus.com/about-us/