On this Page:
- Computer Security Office
- Policy, Standards, and Training Team
- FISMA Compliance and Oversight Team
- Cyber Situational Awareness, Analysis, and Response Team
Director/Chief Information Security Officer: Thomas Rich
Plans, directs, and oversees the implementation of a comprehensive, coordinated, integrated and cost-effective NRC Information Technology (IT) Security program, consistent with applicable laws, regulations, Commission, Executive Director for Operations and Chief Information Officer direction, management initiatives and policies. Ensures appropriate, effective, and efficient NRC-wide integration, direction and coordination of IT Security planning and performance within the IT security program and with related Office of Information Services activities. Provides Agency-level liaison with external entities on mutual IT security interests. Formulates and oversees an IT security program budget. Proposes and successfully advocates appropriate Agency-level IT security guidelines. Provides vision, leadership, and oversight in developing and promulgating an end-to-end, comprehensive IT security architecture, which is integrated with NRC's enterprise architecture. Provides credible, cogent, and timely advice and counsel to the Chairman, Commission, and NRC senior management on programmatic, infrastructure, and administrative aspects of IT Security. Guides security process maturity within the NRC; advocates these concepts to NRC organizations. Adjusts as appropriate to meet the evolving threat.
Policy, Standards, and Training Team
Senior IT Security Officer/Team Leader: Kathy Lyons-Burke
Develops, coordinates and maintains the NRC IT program policy (Management Directive & Handbook 12.5). Develops policies in support of new requirements such as the National Institute of Standards and Technology, Homeland Security Presidential Directives, and Federal regulatory changes. Ensures that IT security policies, directives and requirements are communicated to NRC staff to improve NRC's security posture, mitigate IT security vulnerabilities and combat the IT security threat. Develops, coordinates, and maintains comprehensive and cost-effective IT security, awareness, training and certification programs.
FISMA Compliance and OversightTeam
Senior IT Security Officer/Team Leader: Paul Ricketts
Conducts IT security risk analyses and reviews and ensures that actions are taken by system owners to address any vulnerabilities identified. As the Senior IT Security Officer, serves as the Designated Representative to the Designated Approval Authority (DAA) for Systems Certification and Accreditation (C&A) activities. Reviews system certification packages submitted for accreditation and makes recommendations to the DAA. The DAA are the three Deputy Executive Directors. Tracks and provides oversight and support for the C&A efforts across NRC. Reviews and approves security categorization documents. Oversees and assists organizations in completing and maintaining their individual C&A programs. Tracks and validates Plan of Action and Milestones (POA&M) items; and analyzes POA&M's for quality of content and practicality of remediation. In coordination with the system owner, conducts risk assessments, security testing, provides in-depth oversight and analysis, and ensures that all programs are making consistent progress in mitigating identified weaknesses. Provides systems security technical information, advice, support and consultation services to system owners in the area of computer security and compliance during system development or accreditation activities. Provides authoritative assistance, consultation, and guidance in the area of computer security and compliance and ensures that agency programs comply with Federal guidance including, but not limited to the Federal Information Security Management Act, Office of Management and Budget (OMB), and General Accounting Office guidance.
Cyber Situational Awareness, Analysis, and Response Team
Senior IT Security Officer/Team Leader: Thorne Graham
Serves as the focal point for the NRC for receiving, tracking, monitoring, and reporting of computer security incidents. Monitors NRC's IT security vulnerabilities, maintains an awareness of the threat to NRC's IT infrastructure, and provides appropriate information to senior NRC officials so they maintain an up-to-date awareness of the threat and NRC's vulnerability to that threat. Provides a centralized capability for reporting of cyber-related security incidents against NRC's internal information technology infrastructure. Monitors the NRC intrusion detection and intrusion prevention systems. Maintains an information security incident response report database, conducts trending analysis of events, and recommends actions to minimize or prevent releases. Reviews actions and conducts root cause analysis of NRC information security incidents. Directly interfaces with the Infrastructure and Computer Operations Division and other IT staff within the NRC on patch review and applicability of patches to ensure prioritization. Coordinates activities and responses to internal NRC cyber-related security incidents with appropriate offices. Communicates relevant computer security information such as security alerts, advisories and bulletins, software vulnerability data and reports, vendor patch notifications, virus alerts and other relevant security information. Provides an electronic clearinghouse for information assurance tools, anti-virus software, recommended or best practice security guidelines. Serves as the primary reporting authority to the United States Computer Emergency Readiness Team, OMB, law enforcement and criminal investigative groups in the reporting of cyber-related attacks against NRC's infrastructure. Serves as NRC Observer to the Committee on National Security Systems. Participates in relevant Federal computer security groups such as the National Cyber Response Coordination Group and Government Forum of Incident Response and Security Teams. Conducts penetration testing and vulnerability scanning of NRC's network.