How can I use my PHA to Streamline Cybersecurity Risk Assessment?
Recording Date: April 2021
Many organizations have mature processes in place for evaluating process or machinery hazards in traditional safety risk assessments, but fewer have developed a robust approach to cybersecurity risk assessment. Alignment between safety risk assessment and cybersecurity risk assessment is critical, and the 2016 version of IEC 61511 now requires that a cybersecurity risk assessment be conducted for all Safety Instrumented Systems (SIS) and connected systems. Fortunately, traditional process hazard analyses (PHAs) have valuable information that can be used to improve the speed and efficiency of the cybersecurity assessment, including corporate risk criteria, potential consequences resulting from control system failures, severity rankings for consequence scenarios, existing mechanical protection layers. With this information organizations can jumpstart their approach to managing cybersecurity risk.
About the Presenter:
Patrick O’Brien is a Safety and Cybersecurity Engineer at exida LLC, where he performs numerous end user focused training, consulting, and support services for industrial facilities in functional safety and cybersecurity. In addition to his consulting work, he has assisted with product development through testing, application specification, and the creation of user tutorials for the exSILentia® software platform, including significant work with the exida CyberPHAx™ and CyberSL tools. He has assisted with the development of exida training material and other knowledge-based content. He also helped develop cybersecurity projects through technical support and the translation of cybersecurity documents between English and German. Mr. O’Brien recently graduated from the Pennsylvania State University with a Bachelor of Science in Chemical Engineering and a Bachelor of Science in German Language and Culture.