Should my Initial Cybersecurity Risk Assessment Consider Non-hackable Protections? | exida

exida Recorded Webinars

  1. exida
  2. Webinars
  3. Recordings
  4. Should my Initial Cybersecurity Risk Assessment Consider Non-hackable Protections?

Should my Initial Cybersecurity Risk Assessment Consider Non-hackable Protections?

Recording Date: May 2023

The initial cybersecurity risk assessment (or high-level risk assessment as it was previously called) is an important step in the cybersecurity lifecycle. It is at this point that the basis for network segmentation and creating zones and conduits for an industrial control system (ICS) starts. At this stage the “worst case unmitigated cyber security risk” for any scenario is documented to allow assets to be grouped into areas of similar risks. Several methodologies have been adopted to complete this task, and two of the most common are asset-based and PHA-based, each with a slightly different focus and approach. One common question that we receive when conducting initial risk assessments, is if any protections can be credited. At this stage no cybersecurity protections can be credited, but what about non-hackable safety protections? In this webinar we will review similarities and differences between these two approaches to initial risk assessment and answer the question of whether or not we can look at non-hackable protections during the initial risk assessment.

View Webinar   

About the Presenter:

Patrick O'Brien

Patrick O’Brien Patrick O’Brien is a Safety and Cybersecurity Engineer at exida LLC, where he performs numerous end user focused training, consulting, and support services for industrial facilities in functional safety and cybersecurity. In addition to his consulting work, he has assisted with product development through testing, application specification, and the creation of user tutorials for the exSILentia® software platform, including significant work with the exida CyberPHAx™ and CyberSL tools. He has assisted with the development of exida training material and other knowledge-based content. He also helped develop cybersecurity projects through technical support and the translation of cybersecurity documents between English and German. Mr. O’Brien recently graduated from the Pennsylvania State University with a Bachelor of Science in Chemical Engineering and a Bachelor of Science in German Language and Culture.