(32b) Contextualizing Cyber Risk to Chemical Processes

Engineered processes at petroleum and chemical processing facilities are designed to provide multiple layers of protection to prevent major accidents. These include administrative functions, safety instrumented systems and mechanical protection devices. While designed for a different purpose, these safeguards can also prevent cyber attacks from resulting in operational, safety and environmental consequences. So, even though cyber vulnerabilities may exist, the facility may not be at a significant safety or operational risk due to the existence of safeguards that are not susceptible to cyber exploitation. But how can organizations understand their exposure to these cyber risks? Companies can answer this question, with just a little extra effort, by leveraging studies they already perform.

This paper describes an approach to contextualize cyber security risk from an operational and safety perspective. This team-based approach, which includes operational technology (OT) cyber security and operations experts, begins by reviewing (1) IT/OT asset inventory and network architectures and (2) hazard assessments (e.g. PHAs, LOPAs). This provides the team with an understanding of the current cyber security posture and critical loss scenarios and their associated causes, consequences and safeguards. The team then conducts a systematic evaluation of each critical scenario and considers these questions:

1. Could this scenario be initiated from a cyber event?
2. For each safeguard, could its performance be degraded or failed from a cyber-initiated event?

The team then develops an asset risk profile that identifies the highest risk scenarios and compares these to the baseline risk. Recommendations are then be made to reduce unacceptable scenarios by adding both cyber and engineered safeguards.