With foreign adversaries looking to disrupt operations of American institutions and collect their sensitive data, the Nuclear Regulatory Commission (NRC) is taking steps to better secure its own data while at the same time making it easier for agency personnel to access the information they need, an NRC official said on March 7.
Johnathan Feibus, chief information security officer (CISO) at NRC and director of the agency’s Cyber and Infrastructure Security Division talked about those efforts at an online event organized by NextGov/FCW.
“We are doing tests on our data on an ongoing basis as we move data around our systems,” the CISO explained.
“We are focused on what data structures we’re using and how the data warehouses and other repositories are being accessed to make sure that the data are being used appropriately, formatted appropriately, and have appropriate permissions applied to them so that users are using them appropriately as well,” he said.
Feibus also talked about the importance of developing automation technology that will help transfer data from legacy systems to modernized IT systems, while ensuring that humans remain in the loop.
“We want to make sure that those decisions are being made, that even as they are being automated, that we are also working with humans in the background to make sure that the automation is working as expected,” said Feibus.
“We continue to work with our data structures to make sure that we have the appropriate data there as well,” he said.