John Cusimano presents on “Cyber Process Hazards Analysis (PHA) to Assess ICS Cybersecurity Risk” at the S4x17 conference.

aeCyberPHA® Risk Assessment Methodology

aeSolutions offers industrial control system (ICS) cybersecurity risk assessment services in every phase of the process automation/process safety lifecycle. We guide clients through our unique cyber-safety risk assessment methodology that we call aeCyberPHA®. The aeCyberPHA methodology is a practical application of the ISA 62443 cybersecurity risk assessment requirements. The method links realistic threat scenarios with known vulnerabilities and existing countermeasures and couples that with credible consequences from the PHA to determine cyber risk. Our risk-based approach to developing your cybersecurity program relies on network assessments from level 0 to level 4, zone and conduit diagrams, and gap assessments utilizing existing policies, procedures, and industry benchmarking.

Following your risk assessment, we can assist you with cybersecurity specifications development; industrial firewall design/review and implementation; governance document creation; policies and procedures development; incident response, forensics, and disaster recovery assistance.