By - Jon Brown

Fundamentals of Cyber Security for Nuclear Plants
November 14-15, 2018 | Denver, CO

Download PDF



If this event is of interest, you may also be interested in Fundamentals of Cyber Security, November 13 – 14 in Denver, CO

Like other parts of critical infrastructure, nuclear power faces cyber security threats, and the Nuclear Regulatory Commission (NRC) has mandated that these threats be addressed ultimately through an agreed upon approach through NEI 08-09 and NEI 13-10.  However, because of the potential impacts to safety and security, operators face much greater challenges in providing needed cyber security controls for Critical Digital Assets (CDAs).  New digital components are being implemented that are challenging many preconceived notions of how technology is used in a nuclear plant. As the options for access and control become more complicated, so does security. Threats are evolving at a rapid pace, and with national security and nuclear safety on the line, the industry is racing to keep up. As the mandatory NRC regulations and approaches are revised to address industry challenges, the industry is still responsible for its plants and protecting from design basis threats from cyber security vulnerabilities.  Notwithstanding growing questions and concerns from Owner and Utility Boards of Directors over cyber security at their nuclear plants, each inspection of Milestone commitments yields new insight into the NRC’s concerns over cyber security in the nuclear industry.

This course is an in-depth introduction to cyber security issues facing the nuclear industry and plant assets today. It is meant as a primer to give the necessary background for all staff to understand the concepts and complexities of cyber security and compliance with NEI cyber security controls.


Learning Outcomes

  • Discuss current value at risk from cyber security threats facing nuclear power plants
  • Analyze cyber threats and vulnerabilities
  • Define, assess and manage cyber security risk for nuclear plants
  • Review and analyze NRC cyber security controls
  • Discuss NRC cyber security inspection techniques and interpretations
  • Identify key NEI 08-09 and NEI 13-10 implementation strategies
  • Discuss the convergence of Maintenance/Operations/Engineering/Security/Cyber security departments, internal communication strategies and building cross-functional teams
  • Review practical techniques for risk management and data protection
  • Articulate holistic cyber security program strategies focused on prevention



EUCI has been accredited as an Authorized Provider by the International Association for Continuing Education and Training (IACET).  In obtaining this accreditation, EUCI has demonstrated that it  complies with the ANSI/IACET Standard which is recognized internationally as a standard of good practice. As a result of their Authorized Provider status, EUCI is authorized to offer IACET CEUs for its programs that qualify under the ANSI/IACET Standard.

EUCI is authorized by IACET to offer 1.0 CEUs for this event.


Requirements for Successful Completion of Program

Participants must sign in/out each day, be in attendance for the entirety of the course to be eligible for continuing education credit.

Instructional Methods

This course will use PowerPoint presentations and group discussions.


Wednesday, November 14, 2018

registration12:30 – 1:00 p.m. :: Registration

1:00 – 2:30 p.m. :: Hacking and Hardware – Understanding Cyber Threats to Nuclear  Power Plants and the Value at Risk

  • Current cyber security threats facing nuclear plants
  • Common vulnerabilities and consequences
  • Predictions of future cyber security challenges

Break2:30 – 3:00 p.m. :: Networking Break

3:00 – 4:00 p.m. :: Continuation of Value at Risk: Threats to Nuclear Power Plants

4:00 – 5:00 p.m. :: Plant-Wide Cyber Security Part A: Moving Beyond Cyber Security as an IT Problem

  • Top concerns in the nuclear industry
  • Interesting approaches to license commitments

Thursday, November 15, 2018

breakfast8:00 – 8:30 a.m. :: Continental Breakfast

8:30 – 10:00 a.m. :: NRC 10 CFR 73.54, Regulatory Guide 5.71, NEI 08-09, and NRC Inspection Manual Chapters

Break10:00 – 10:30 a.m. :: Networking Break

10:30 a.m. – 12:00 p.m. :: Plant-Wide Cyber Security Part B: Moving Beyond Cyber Security as an IT Problem

  • Best practices for nuclear cyber decurity
  • Preparing for Milestone 1-Milestone 7 inspections
  • NEI 08-09 Strategy & Technology
  • Core assets and Critical Digital Assets (CDAs)
  • Levels 1-4
  • CDA grouping
  • Cyber rvaluation
  • SCIP development and assessment
  • NEI 13-10
  • Presenting to the CSAT
  • Cyber program roles and responsibilities
  • Internal communication strategies
  • Building a cross-functional team

lunch12:00 – 1:00 p.m. :: Group Luncheon

1:00 – 2:30 p.m. :: Continuation of Plant-Wide Cyber Security Part B: Moving Beyond Cyber Security as an IT Problem (Continued)

Break2:30 – 3:00 p.m. :: Networking Break

3:00 – 5:00 p.m. :: Integrating Cyber Security across the Plant

  • Enterprise roles and responsibilities
  • Internal cyber security strategy
  • Cyber security integration across the plant
  • End-to-end cyber security from back office to core business

adjourns5:00 p.m. :: Course Adjourns


Rob Schuler, Cyber Strategy Manager, Accenture Security

Mr. Schuler is a Cyber Security Strategy Manager and Technical Thought Leader with Accenture Security in the United States.  He has 20 years of cyber security risk management and systems security engineering experience across multiple industries.  Over this period, he has become a recognized expert in cyber security guidance for control systems, including Nuclear Energy Institute (NEI) 08-09 and NEI 13-10.

Mr. Schuler has key expertise in helping industry clients define their needs and translate them into actionable program goals. He has a strong history of guiding teams toward shared agreement, facilitating process refinement, and aligning organizational culture with program expectations. 

Mr. Schuler’s industry outreach activities have included frequent speaking engagements delivering nuclear and utility control system cyber security courses and speaking on industry panels, where his technical knowledge and interactive style is helping key industry participants reach a shared understanding of cyber security threats, compliance standards, and how to enhance security architectures while meeting regulatory objectives.


EUCI Office Building Conference Center

4601 DTC Blvd, B-100

Denver CO, 80237


Suggested Hotel

Hyatt Place Denver Tech Center
8300 E. Crescent Parkway
Greenwood Village, CO 80111
0.9 miles away
Nightly Rate for EUCI Attendees: $149.00

Click on the following booking link: Hyatt Place Denver Tech Center – EUCI and use Group Code: EUCI or

Call Central Reservations at 888-492-8847 and ask for the EUCI rate of $149 under the corporate/group code EUCI

Other Nearby Hotels

Hyatt Regency Denver Tech Center
7800 E Tufts Ave
Denver, CO 80237
Phone: 303-779-1234
0.3 miles away

Hilton Garden Inn Denver Tech Center
7675 E Union Ave
Denver, CO 80237
Phone: 303-770-4200
0.6 miles away

Denver Marriott Tech Center
4900 S Syracuse St
Denver, CO 80237
Phone: 303-779-1100
0.7 miles away


Event Standard RateAttendees

By clicking Accept or closing this message, you consent to our cookies on this device in accordance with our cookie policy unless you have disabled them. more information

By clicking Accept or closing this message, you consent to our cookies on this device in accordance with our cookie policy unless you have disabled them. You can change your cookie settings at any time but parts of our site will not function correctly without them. We use cookies during the registration process and to remember member settings.