Incorporate ICS Cybersecurity Risk Assessments Into Process Risk Management

by John Cusimano, Krish Sridhar

Numerous cybersecurity incidents, especially those targeting the energy sector, have raised concerns among oil, gas and petrochemical corporations. Such a cyber breach could compromise industrial control and safety systems, leading to health, safety or environmental incidents or financial loss. “Are our plant controls systems secure?”; “Do we have adequate protection measures in place?”; “Would we know if our control systems were compromised?”; “Are we prepared to respond to a control system cybersecurity incident?”; and “How do our programs compare to industry standards and best practices?” are typical questions that senior management will look to the CIO and the IT organization for answers.


What senior management wants to know is if the company is managing the risks associated with the threat and vulnerabilities facing modern industrial control systems (ICS). However, unless a mature control system cybersecurity management program is in place, including the performance of periodic control system cybersecurity risk assessments, those questions cannot be answered.

The full article can be found at the following link:

> Read full article from AFPM 2016 Q&A and Technology Forum Conference Daily – Day 2

#cybersecurity #processriskmanagement