Industrial Control System Security Risk Management
- risk assessment, security risk management
ICS Security Risk Management – The Overview of Risk
The Risk Management in Industrial Control System environment is playing critical role in assessing the security posture of the ICS environment by plotting the asset into the risk level (in correlation with HSE, Financial and Operations). The framework to perform the risk management in ICS should be agreed by the entities related on the ICS security assurance, and refer to the commonly used Risk Management framework such as NIST SP 800-30 or ERM framework or it can be using the adopted framework in the organization.
As the overview of the Risk Management concept in ICS environment, we will start by exploring and understanding what is Risk and its correlation to the vulnerability and threat, and then the correlation to the probability and consequence. Those parameters will drive the risk level result that can depict the actual risk posture in the organization (ICS environment).
The following video will explain more regarding the Risk and its correlation to the Risk Calculated Level within ICS environment (security perspective), “Industrial Control System Security Risk Management – The Overview of Risk“