This event has ended. Visit the official site or create your own event on Sched.
Welcome to the Interactive Agenda for SecurityWeek’s 2018 ICS Cyber Security Conference! (View the full conference website here)  (You can Register for ICS Cyber Security Conference Here
Monday, October 22 • 9:00am - 9:45am
Developing an Effective ICS Risk Assessment Methodology

Sign up or log in to save this to your schedule and see who's attending!

There are a number of cybersecurity frameworks in use today, notably the NIST Cybersecurity Framework (CSF), OCTIVE, ISA99/IEC62443 and others. Our experience suggests that the way most organization perform framework-based assessments is inconsistent and generally they server as a point-in-time evaluation of risk. This talk looks at the mechanics of performing risk assessments in an Industrial Control environment with the objectives of: -- analytical consistency and reproducibility -- assessing risk across dissimilar plants and processes, and -- developing the ability to track risk improvements over time Additionally, we will discuss success factors in establishing a recurring Risk Assessment Methodology that supports both Operations Management and the C-Level with current information and allows what-if analysis to support decision making.
Presentation Objectives
The objectives are:
  • Provide and understand of what “risk” really means and how to think of risk over time.
  • Using a Quantified risk approach vs a Quantitative Risk Assessment
  • Using a Risk Framework and scoring approaches
  • Why this works!

avatar for Harry Regan

Harry Regan

Vice President, Security Services, Securicon
Harry Regan is a security, Information Technology (IT), and operations professional with over 30 years of commercial, industrial, federal, and defense experience. He manages the Securicon commercial security consulting team and is responsible for overseeing the successful execution... Read More →

Monday October 22, 2018 9:00am - 9:45am
Windsor DE