Excellent read this month is Sheila Kennedy's "Trust is Not A Strategy for Cybersecurity" in Plant Services. While reminding us that with 100% probability all companies will be cyberattacked per professionals at companies such as Siemens, the article provides sound advice addressing the fundamentals of protecting new equipment and devices, honing in on current best practices.
A comprehensive Process Safety Management (PSM) system must include cyber security considerations. Per the article, Indegy's Chris Grove says that:
"while active, passive and hybrid Industrial Cybersecurity (ICS) monitoring approaches all have advantages, a hybrid approach is likely to provide the best value for most organizations because it 'gives organizations total visibility into their Operational Technology (OT) network and environment".
So, if a PSM plan includes understanding and addressing hazards that pose the highest level of risk to your process facility such as:
- Ensuring compliance with relevant national, local and industry standards
- Implementing best engineering practices
- Reducing overall level of risk
- Increasing productivity and employee morale
- Making organization more competitive
- Decreasing insurance premiums
It follows that cybersecurity should be incorporated into the organizational climate, culture and process - being adopted by all levels of the organization. If not, the work arounds and avoidance games begin.
The article is well worth your time. If you would like further help incorporating cybersecurity into your process safety program, one that includes Risk Management Services such as Combustible Dust Hazard Assessment (DHA) Explosion and Fire Hazard Evaluation,Process Hazard Analysis (PHA), Hazard Identification Risk Analysis,Consequence Analysis, Safer Process Scale-up,Process Safety Management (PSM) Program Development, and Relief System Design Review, please contact Kris Fauske at kfauske@fauske.com, 630-887-5224