Keeping Things from Blowing Up: Consequence-Based Risk Management in ICS – with Jim McGlone

Mar 28, 2019


Jim McGlone of Kenexis will lead a discussion of Consequence-Based Risk Management and its use in planning the security of industrial control and automation systems to Keep Things From Blowing Up.

Manufacturing and process plants with the potential for harm to people, assets, or the environment, need to be protected against very real physical consequences generated from cyber-attack. The starting point for developing a program for cyber security is an assessment of the vulnerability of the process to cyber-attacks.

We will discuss how existing methods for risk analysis can be expanded with an additional “cyber review” called a Security Process Hazard Analysis Review (SPR) to determine if any cyber-attack vectors can cause significant damage and how we can make recommendations to reach the corporate risk tolerance.