How does the MITRE ATT&CK framework align with Cyber PHA? | exida

exida Recorded Webinars

  1. exida
  2. Webinars
  3. Recordings
  4. How does the MITRE ATT&CK framework align with Cyber PHA?

How does the MITRE ATT&CK framework align with Cyber PHA?

Recording Date: August 2022

With the focus on cybersecurity at an all-time high, risk assessments are being increasingly completed for industrial applications. One of the first steps in the risk assessment process is to specify the methodology that will be used. The IEC 62443-3-2 Cybersecurity Risk Assessment methodology for initial and detailed risk assessment has been commonly adopted for industrial applications. This approach is often referred to as “Cyber PHA” because it follows a similar approach to traditional Process Hazard Analyses already in use in the chemical industries. Another methodology frequently used for cybersecurity risk assessments is the MITRE ATT&CK Framework. This framework focuses on the different techniques that adversaries use to gain knowledge about target systems, gain access to and compromise systems before ultimately achieving their desired impact. This webinar will provide a brief introduction to both approaches and explore the similarities and differences in the appro #cyber aches. Lastly, practical examples of how to combine the methodologies will be provided.

View Webinar   

About the Presenter:

Patrick O'Brien

Patrick O’Brien Patrick O’Brien is the Assistant Director of Engineering at exida, LLC, where he helps lead a team of engineers in delivering functional safety, cybersecurity, and alarm management services. He has led cybersecurity risk assessments, training courses, and other lifecycle activities for many different applications, including oil and gas, specialty chemical, critical infrastructure, machinery, and robotics. In addition to his cybersecurity role, he also provides consulting services in the areas of process safety, functional safety, and machine safety. He is a coauthor of Implementing IEC 62443: A Pragmatic Approach to Cybersecurity and the principal author of the CCPS concept book Managing Cybersecurity in the Process Industries – A Risk-based Approach. Patrick represents exida on the International Society of Automation Global Cybersecurity Alliance (ISAGCA). Mr. O’Brien graduated from the Pennsylvania State University with a Bachelor of Science in Chemical Engineering and a Bachelor of Science in German Language and Culture.