U.S. NRC Blog

Transparent, Participate, and Collaborate

Category Archives: General

Q & A with Joanne Savoy in Recognition of Black History Month

Joanne Savoy works in the NRC’s Office of International Programs as a licensing assistant for the Exports Controls and Nonproliferation Branch. She has also been the chair of the agency’s Advisory Committee for African Americans (ACAA) for the past three years.

What is the ACAA?

joanneThe ACAA is one of eight Equal Employment Opportunity Advisory Committees here at the NRC. It reports to the Office of Small Business and Civil Rights and its goal is to assist in identifying issues that may impact African American employees. We also make recommendations to address those issues.

Why does diversity matter in the NRC workplace?

Diversity matters because everyone is able to bring different points of view to the table. Many of us come from different backgrounds, and we are able to take what we have experienced — and learned in our own diversified cultures — to add value to our everyday work life. Diversity at the NRC means a new way of thinking, and a new way for all of us to interact with each other and learn from each other.

How does diversity in the workforce help the NRC meet its mission?

There are many studies that prove that when workers are ethnically and racially diverse, are educated in different parts of the country, represent multiple generations, and come from various socio-economic backgrounds they collaborate and contribute in a way that makes an organization more successful and productive in accomplishing its mission.

The NRC permanent staff is made up of:

15% African Americans
10% Asians
6% Hispanics
1% Native Americans
67% White

We come from all parts of the country; we have been educated in many different colleges and universities, and in many different disciplines (both technical and non-technical). We represent every generation across every age group. We practice many different religions and beliefs and nearly 1% of our work force is employees with disabilities. This is the diversity that makes the NRC great.

Why is Black History Month important?

Black History Month is important because it is a time to reflect on how far we have come. Black History Month is a time for EVERYONE to celebrate ALL who have fought for African American rights and freedom. Judge Alan Rosenthal, a member of the NRC’s ASLPB, was the keynote speaker at the agency’s African American History month dinner in 2013. I was surprised to learn the agency had someone who played a vital role in the historic Brown vs Board of Education of Topeka, Kansas. I remember thinking how amazing it was to have met this man who had fought so hard for someone like me, so I would have the opportunities that I have today. I will never forget that moment. It made me realize how the NRC has heroes like Judge Rosenthal, who fought the fight for equal rights.

What should people make a point to do/think/reflect on during Black History Month?

We should make a point to volunteer and give back to our communities. There are people and children who need us to guide them and help them make their lives better. I also think we should continue to educate not only ourselves but our children about our history. There are so many great movies like Selma, Roots, 12 Years A Slave, Glory, The Butler, Malcom X, Road to Memphis, American Black Journal and so many more that can help the education process. We should be watching these movies and talking to our children, family and friends about what Black History Month means to us.

I am who I am because of the people — black and white — who have fought the fight for equal rights. Because of them, a woman like me is able to work here at the NRC and to have the freedom to do whatever I want. It is up to me and you to give back and continue the legacy and remember we have come a long way, but there is always more that we can do to continue with the our legacy.

NRC Finalizes Violations for Arkansas Nuclear One

Victor Dricks
Senior Public Affairs Officer
Region IV

The Arkansas Nuclear One power plant, in Russellville, Ark., is coming under increased NRC focus as a result of flood protection problems.

anoBeginning in 2013, Entergy Operations officials and the NRC began extensive inspections of the flood protection program at ANO. Many problems were discovered and are described in a Sept. 9, 2014, NRC inspection report.

All told, more than 100 previously unknown flood barrier deficiencies creating flooding pathways into the site’s two auxiliary buildings were found. These included defective floor seals, flooding barriers that were designed, but never installed, and seals that had deteriorated over time. In one case, a special hatch that was supposed to be close a ventilation duct in the Unit 1 auxiliary building in the event of flooding had never been installed.

In the unlikely event of extreme flooding – a kind not seen since weather records have been kept for the area – significant amounts of water could have entered the auxiliary buildings. This could have submerged vital plant equipment, as well as the emergency diesel generator fuel vaults. The licensee has replaced degraded seals, installed new flood barriers and adopted new measures to better protect the site from flooding.

NRC held a regulatory conference with Entergy officials on Oct. 28, 2014. After considering information provided by the company, NRC determined violations related to flood protection have substantial safety significance, or are “yellow.” (The NRC evaluates regulatory performance at nuclear plants with a color coded process that classifies inspection findings as green, white, yellow or red, in order of increasing safety significance.)

The NRC divides plants into five performance categories, or columns on its Action Matrix. ANO Units 1 and 2 received yellow violations in June 2014 because electrical equipment damaged during an industrial incident increased risk to the plant. Workers were moving a 525-ton component out of the plant’s turbine building when a temporary lifting rig collapsed on March 13, 2013, damaging plant equipment. Those violations moved both units from Column 1 to Column 3 of the NRC’s Action Matrix. The agency increases its oversight of plants as performance declines.

The new violations will lead NRC to reassess whether even more inspection resources need to be focused on ANO. The NRC will determine the appropriate level of agency oversight and notify Entergy officials of that decision in a separate letter.

Protecting the NRC’s Cyber Frontier

By David McIntyre
Public Affairs Officer

 

computersec1The email was flagged urgent and screamed in capital letters: YOUR IMMEDIATE ATTENTION REQUIRED! The message said a software update was needed to avoid major system disruption, and to click a link and enter a network password. The NRC employee who received the email thought the message looked suspicious. Instead of clicking on the link, she forwarded the message as an attachment to the NRC’s Computer Security Incident Response Team.

Within minutes, a CSIRT member was analyzing the email on a computer unconnected to the NRC network. He quickly determined the message was bogus, a “phishing” attempt to gain unauthorized access to the system. He instructed the employee to delete the message and block the sender to avoid receiving any further attempted intrusions from that Internet address.

Had the employee provided her username and password, she could have exposed the NRC’s computer network and its sensitive information to compromise and possible disruption. Personal information about NRC employees would have been at risk, as well as sensitive pre-decisional information about agency policies and licensees. While Safeguards and classified information about the security and status of nuclear plants is maintained on separate higher security systems, the information we process on the NRC corporate network must also be protected.

CSIRT, part of the NRC’s Computer Security Office, is a small group of experts, all highly trained in cyber defense. Their mission is to detect and thwart attacks on the NRC’s computer networks and prevent “spills” of sensitive information. Such attacks can come through phishing attempts, such as the fictional incident described above, malware implanted in website advertisements or viruses and malware on portable data devices.

The team routinely works with other federal agencies, including the Homeland Security Department’s U.S. Computer Emergency Response Team (US-CERT) to stay up to date on the latest vulnerabilities. They even practice “white hat” hacking to test the NRC’s systems.

As a response team, CSIRT investigates suspicious emails that have already passed through the NRC’s extensive SPAM filters and Internet firewall, robust cyber security defenses mounted by the Office of Information Systems.

About 10 million emails are directed to NRC.gov addresses each month, and nearly 90 percent of them are blocked by the agency’s network security technologies as spam or for carrying viruses or suspicious attachments, says Mike Lidell, IT Specialist in the OIS Security Operations and Systems Engineering Branch. The OIS team administers the NRC’s firewalls, intrusion detection systems and spam filters.

computersec1While the percentage of blocked emails seems high, Lidell says it’s pretty much “par for the course” for any large organization or government agency. Emails that get through the initial line of defense are scanned again by the internal servers and a third time by the end-user’s individual computer. Internet data returned from the Web is scanned by NRC servers and individual workstations as well to guard against “drive-by downloads” of malicious software.

As Lidell points out, the “defense in depth” is necessary because the attacks are always evolving and changing. Thorne Graham, CSIRT’s team leader, praises a fourth line of defense against email attacks on the agency’s network: The NRC’s 4,000 employees. All NRC employees take annual online computer security training.

“Our best defense is the individual employee,” Graham says. “Security is everyone’s business.”

 

Follow

Get every new post delivered to your Inbox.

Join 1,605 other followers

%d bloggers like this: