The emergence of the TRITON/TRISIS/HatMan malware and its attack methodology directed towards a safety instrumented system (SIS) has added a new dimension of concerns for many ICS and SCADA owners and operators. There is growing recognition of interdependencies between security and safety in control systems that is leading some in industry to expand their use of process safety standards and best practices such as HAZOP analysis and process safety risk matrices. Combining these risk management approaches with proper work procedures and structured change management techniques can help better protect systems against attacks while also reduce damage or disruption to critical operations.
This session will discuss the relationships between safety and cybersecurity risks, the approaches companies are taking to mitigate these risks, and the benefits that can be gained by coupling the domain knowledge and best practices from the worlds of process safety and cybersecurity alike.
This information will be of benefit to owner-operators, equipment suppliers, solution suppliers, and researchers interested in industrial cybersecurity and safety.