How does the MITRE ATT&CK framework align with Cyber PHA? | exida

exida Webinars

How does the MITRE ATT&CK framework align with Cyber PHA?

25 August 2022

With the focus on cybersecurity at an all-time high, risk assessments are being increasingly completed for industrial applications. One of the first steps in the risk assessment process is to specify the methodology that will be used. The IEC 62443-3-2 Cybersecurity Risk Assessment methodology for initial and detailed risk assessment has been commonly adopted for industrial applications. This approach is often referred to as “Cyber PHA” because it follows a similar approach to traditional Process Hazard Analysis’s already in use in the chemical industries. Another methodology frequently used for cybersecurity risk assessments is the MITRE ATT&CK Framework. This framework focuses on the different techniques that adversaries use to gain knowledge about target systems, gain access to and compromise systems before ultimately achieving their desired impact. This webinar will provide a brief introduction to both approaches and explore the similarities and differences in the approaches. Lastly, practical examples of how to combine the methodologies will be provided.


Session: 10:00 - 11:00 AM EDT

Sign Up   

Session: 4:00 - 5:00 PM EDT

Sign Up   


About the Presenter:

Patrick O'Brien

Patrick O’Brien Patrick O’Brien is a Safety and Cybersecurity Engineer at exida LLC, where he performs numerous end user focused training, consulting, and support services for industrial facilities in functional safety and cybersecurity. In addition to his consulting work, he has assisted with product development through testing, application specification, and the creation of user tutorials for the exSILentia® software platform, including significant work with the exida CyberPHAx™ and CyberSL tools. He has assisted with the development of exida training material and other knowledge-based content. He also helped develop cybersecurity projects through technical support and the translation of cybersecurity documents between English and German. Mr. O’Brien recently graduated from the Pennsylvania State University with a Bachelor of Science in Chemical Engineering and a Bachelor of Science in German Language and Culture.