IAEA Symposium on International Safeguards

Challenges in SG Implementation: IT and Cyber Security

Not scheduled

5m

M Building (Vienna International Centre)

Roundtable Member Addressing Growing Safeguards Challenges (CHA) [CHA] Keeping Pace with IT Security - Threat Intelligence for the IAEA/Nuclear Regulatory World

Speaker

Ms Anna Melkumyan (Head for Nuclear Information and international coopertion section)

Description

State system of accounting for and control of nuclear materials had been established to fulfill obligations undertaken under SA and AP on levels of state and facility and developed guides describing the preparation of nuclear materials accounting reports for nuclear facilities and LOFs, AP declarations, operational information related to preparation and conduct of SG inspections and other issues emerging in relation to SG implementation. These information were transmitted to IAEA electronically through e-mail and in paper form accompanied with CDs delivered through the ordinary mail.
However, from 2017 IAEA operates SDP which is intended for sharing confidential information and contributes to reliable and secure exchange of SG related information and which is also of great importance to country and is a precondition for proper implementation of associated SG obligations in view of its timeliness and confidentiality. In 2017 ANRA made all the required arrangements to use SDP for transmission of nuclear materials accounting reports and AP declarations to IAEA. One of key points to be taken into account is cyber security of SDP which is to prevent damage caused by disruptions to, breakdowns in or misuse of information and computer technology and to repair damage if and when it has occurred. Cyber security concerns IT platform security and security of information stored in IT platform, but there are associated threats that may not only disrupt digital infrastructure, but may compromise integrity, availability and confidentiality of information documented, stored and exchanged. Threats mostly concern reveal of confidential information related to nuclear materials existing in country.
Thus, processing and protection of information is subject to strict monitoring and standards to be complied with by those who deal with confidential information and operation of IT platform. Digital fraud and theft of information are two most common threats to cyber security and citizens, businesses and governments regularly fall victim to botnets and ransomware.