With the focus on cybersecurity at an all-time high, risk assessments are being increasingly completed for industrial applications. One of the first steps in the risk assessment process is to specify the methodology that will be used. The IEC 62443-3-2 Cybersecurity Risk Assessment methodology for initial and detailed risk assessment has been commonly adopted for industrial applications. This approach is often referred to as “Cyber PHA” because it follows a similar approach to traditional Process Hazard Analysis’s already in use in the chemical industries. Another methodology frequently used for cybersecurity risk assessments is the MITRE ATT&CK Framework. This framework focuses on the different techniques that adversaries use to gain knowledge about target systems, gain access to and compromise systems before ultimately achieving their desired impact. This webinar will provide a brief introduction to both approaches and explore the similarities and differences in the approaches. Lastly, practical examples of how to combine the methodologies will be provided.