Accurately identifying and analyzing potential sources of risk for both process safety (e.g., equipment failure, human performance issues) and cybersecurity (e.g., targeted attack, unintentional mistake) scenarios are core parts of an effective loss prevention program. The recently published CCPS book Managing Cybersecurity in the Process Industries, A Risk-based Approach discusses strategies for managing cybersecurity risk by adapting RBPS elements to address the unique challenges of cybersecurity threats. This paper will present key concepts from the book including the alignment of cybersecurity and process safety risk management and strategies for adapting process safety risk assessment techniques including Hazard Identification and Risk Assessment (HIRA), Bow Tie, and LOPA for cybersecurity scenarios. Additionally, practical guidance on completing cybersecurity risk assessments will be shared from real-world case studies.
