Cyber Security

Cyber security system shall be designed to protect security systems & IA&CS assets from all threats, whether internal or external, deliberate, or accidental.

The Cyber Security system shall be reviewed, and updated where needed, every 12 calendar months or immediately following recovery from a cybersecurity incident. Changes to the Cyber security system shall be reviewed by facility executive management who shall certify its compliance with facility cybersecurity requirements. The Cyber security system shall formally assign accountability and responsibility for cybersecurity to a designated organization.