Entergy Nuclear Cyber Security Compliance and Management

Sparky Soudah | March 12, 2019

Nuclear Regulatory Commission Regulatory Information Conference

2

Entergy At A Glance

• Entergy Corporation is an integrated energy

company engaged primarily in electric power

production and retail distribution operations

• Entergy Nuclear owns, operates, supports

and provides management services to a

national fleet of 10 reactors in 8 locations in

the U.S

• Entergy Nuclear has approximately 7,000

employees

• Entergy owns and operates power plants with

approximately 30,000 megawatts of electric

generating capacity, including approximately

9,000 megawatts of nuclear power

GovernanceEnsure compliance, ownership, accountability and transparency

of program management. Ensure the program's goals and

objectives are aligned with those of the enterprise.

OversightResponsible for assuring the quality of program management

through the performance of reviews, audits, and assessments.

ExecutionExecution of program elements throughout lifecycle including

CDA assessments and the remediation of any identified gaps.

Management of CDA SIEM alerts, threat notifications, and

technical issues.

SupportProvide necessary supplemental support to ensure program

compliance and adequate security posture including execution

of requested activities.

3

Entergy Nuclear Cyber Program Functional Structure

Chief Nuclear Officer Chief Information Officer (CIO)

IT-Operations Technology (OT)

Fleet Nuclear Cyber Security Team

Nuclear Cyber Incident Response Team (NCIRT)

Consulting Members

IT - Operations Technology

Site Staff

(Site Cyber Security Lead)

Cyber Digital Asset (CDA) System Owners

IT, Engineering, Operations, Security, Maintenance,

and Emergency Planning

Supply Chain

Chief Security Office (CSO)

Site Cyber Security Assessment Team (CSAT)

Information Technology, Regulatory Assurance,

Engineering, Operations, Security, and

Emergency Planning

IT Information Security

(w/specialized skill set)

Corporate Consolidated Security Operations

Center (CSOC)

Corporate Technical Cyber Incident Response

Team (TCIRT)

Nuclear Independent Oversight (NIOS)

Fleet Cyber Peer Groups

(Procedures, Infrastructure, Periodic Activities,

Vulnerability Management, CDA Assessments)

Corporate Crisis Response Team

Site Vice President

4

Entergy Nuclear Fleet Oversight and Alignment

Fleet Program Governance, Oversight, and IT Support

Fleet Standard Cyber Training, Procedures, and Work Instructions

Program Reviews and Corrective Action Program

(CAP) Entergy Consolidated Security Operations Center (CSOC) and Incident Response Team

Fleet Nuclear Cyber Security Program Alignment

Fleet Standard Cyber Digital Asset (CDA) Assessment Tool

Fleet Cyber Program Peer Groups

Site IT Managers

are program

leads at each

site and execute

on fleet

directives to

maintain fleet

alignment and

consistency

Enterprise IT

5

Entergy Cyber Security Implementation At A Glance

2 Years of Planning and

Implemented 696 cybersecurity controls at

5 nuclear sites

Performed 13 Engineering Changes and

Returned to Service before Effective Date

Performed approximately 1,500 CDA

Assessments on more than 11,000 CDAs

Integrated alerts with the 24/7 enterprise

Consolidated Security Operations

Center

Installed more than 1000 network and

security devices for Critical Digital

Assets (CDAs)

Approved 21 fleet and site positions

approved to support the Nuclear Cyber

Program

Completed approximately 1,900 Work

Orders and Work Trackers for CDAs

Created or updated 28 Nuclear IT

Procedures and 58 Nuclear Non-IT

Procedures

Cyber Security

program became

effective as NRC

regulated program

on 12/15/2017 for

all sites

6

Entergy Nuclear Cyber Security – NRC Inspections Lessons Learned

Three (3) Inspections completed in 2018 • River Bend Station - May 2018

• Arkansas Unit 1 & 2 - July 2018

• Waterford 3 - November 2018

What went well:• Entergy fleet resources were fully engaged at each individual site NRC inspection

• Clear NRC and Entergy roles, responsibilities, and expectations

• NRC staff was organized and communicated openly with the Entergy team

• NRC understands complexity of program while providing Entergy adequate response time and open dialogue

• NRC open to participation of other Entergy site observers during inspection briefings

• Information week (bag week) – enabled alignment and readiness

Challenges:• Pre-inspection Request For Information (RFI) information required extensive resources and time to organize

• Extensive Entergy resources were engaged during the inspection

7

Entergy Nuclear Cyber Security – Program Success Factors

• Entergy ownership of the program at the corporate and site level

• Effective communication channels maintained between Fleet Cyber Program Management team

and nuclear sites

• Creation of fleet program Peer Groups - Resolve issues and maintain alignment between the sites

• Collaboration with Industry peers and assessments from third party consultants - Diversity of

expertise and experience

• Clear line of communication between the NRC and Entergy

• Operating Experience (OE), observations, and assessment results were used as a cornerstone to

improve compliance and cyber security posture

8

Entergy Nuclear Cyber Security – What’s Next?

• Continue to be self-critical and make improvements

• Streamline cyber security procedures to ensure they are user friendly and align with the Entergy

Security Control Implementation Strategy (SCIS)

• Develop Key Performance Indicators (KPI) for the program

• Engage in industry initiatives on improving implementation of the cyber security rule and the

performance of future NRC inspections

• Improve cyber security training and awareness throughout the organization

9

Entergy Nuclear Cyber Security Compliance and Management