Supported by the findings from the ICS Cybersecurity Vulnerability Assessmen
t, an ICS Cybersecurity Risk Assessment is qualitative analysis of cyber threats and vulnerabilities in order to determine the likelihood and consequence should a threat successfully exploit a vulnerability. The combination of likelihood and consequence allows for a determination of risk which is typically expressed in terms of the impact to health, safety, the environment and company finances.
aeSolutions has applied our extensive experience in Process Safety Analysis to develop a systematic method of analyzing cyber risk that is consistent with and leverages the effort companies have invested in PHA methodologies such as Hazard and Operability (HAZOP) studies. The result is an understanding of ICS cybersecurity risk expressed in a form that is both actionable and familiar and meaningful to management.