Industrial cyber risk management is the discipline of measuring, managing, tracking, and communicating the potential impacts of cyber security events for OT environments. Mastering this topic can help organizations allocate resources for their ICS security programs, including a more expansive workforce and enhanced tools to support cyber protections and detection capabilities. Our guidelines for industrial cyber risk management distill industry best practices, frameworks, and standards into an approachable process for both novices and veterans of enterprise risk.
Read the paper to learn:
- How to build a new (or augment an existing) risk management process to address industrial cyber risk that impact ICS environments
- What is the best way to communicate cyber risk to executives and boards
- About improving risk management with data from other disciplines, like finance and safety
- Actionable guidance, with examples, around risk registers, threat profiles, and impact criteria—including their relationships to ICS-specific risk assessments
