Description

Book Synopsis


Table of Contents

List of Figures

List of Tables

Acronyms and Abbreviations

Glossary

Acknowledgments

Preface

Part 1: Introduction, Background, and History of Cybersecurity

1 Purpose of this Book

1.1 Target Audience

1.2 What is Cybersecurity?

1.3 What is Operational Technology (OT)?

1.4 Which industries have OT?

1.5 Scope

1.6 Organization of the Book

2 Types of Cyber-Attacks, Who Engages in Them and Why

2.1 Types of Cyber-Attacks

2.2 Who Commits Cybercrimes and Their Motives

2.3 Summary

3 Types of Risk Receptors / Targets

3.1 What is Cybersecurity Risk

3.2 What are Common Cybersecurity Targets?

3.3 Types of Cybersecurity Consequences

3.4 Summary

4 Threat Sources and Types of Attacks

4.1 Non-Targeted Attacks

4.2 Targeted Attacks

4.3 Advanced Persistent Threats (APT)

4.4 Summary

5 Who Could Create a Cyber Risk? Insider vs Outsider Threats

5.1 Insider Cybersecurity Risk

5.2 Outsider Cybersecurity Risk

5.3 Summary

6 Case Histories

6.1 Maroochy Shire

6.2 Stuxnet

6.3 German Steel Mill

6.4 Ukrainian Power Grid

6.5 NotPetya

6.6 Triton

6.7 Düsseldorf Hospital Ransomware

6.8 SolarWinds

6.9 Florida Water System

6.10 Colonial Pipeline Ransomware

6.11 Summary

Part 2: Integrating Cybersecurity Management into the Process Safety Framework

7 General Model for Understanding Cybersecurity Risk

7.1 Cybersecurity Lifecycle

7.2 Integrated Cybersecurity and Safety Lifecycle

7.3 NIST Cybersecurity Framework

7.4 Summary

8 Designing a Secure Industrial Automation and Control System

8.1 The Disconnect between IT and OT Risk Management

8.2 Inherently Safer vs Inherently More Secure

8.3 Defense-in-Depth

8.4 Network Segmentation

8.5 System Hardening

8.6 Security Monitoring

8.7 Risk Compatibility Assessment

8.8 Summary

9 Hazard Identification and Risk Analysis (HIRA)

9.1 Use of Process Safety Tools to Identify and Manage Cybersecurity Risk

9.2 Qualitative Methods

9.3 Quantitative Methods

9.4 How to Prioritize Risk Reduction Measures?

9.5 Revalidation/Reassessment

9.6 Summary

10 Manage the Risk

10.1 Management Approach

10.2 Initial Steps

10.3 Cybersecurity Culture

10.4 Compliance with Standards

10.5 Cybersecurity Competency

10.6 Workforce Involvement

10.7 Stakeholder Outreach

10.8 Process Knowledge Management

10.9 Operating Procedures

10.10 Safe Work Practices

10.11 Management of Change

10.12 Asset Integrity and Reliability

10.13 Contractor Management

10.14 Training and Performance Assurance

10.15 Operational Readiness

10.16 Conduct of Operations

10.17 Emergency Management

10.18 Incident Investigation

10.19 Measurements and Metrics

10.20 Auditing

10.21 Management Review and Continuous Improvement

10.22 Summary

11 Implementing a Holistic Approach to Safety and Cybersecurity

11.1 Cybersecurity Management Systems (CSMS)

11.2 Integrating CSMS with Process Safety Management

11.3 Summary

Part 3: Where Do We Go from Here?

12 What’s Next? A Look at Future Development Opportunities

12.1 Cybersecurity Adoption Trends

12.2 Emerging Technologies

12.3 Summary

13 Available Resources

13.1 Local, Regional, and Global Topics

13.2 Cybersecurity Incident Repositories

13.3 Competency Requirements and Training Availability

13.4 Administration vs Accountability Functions

13.5 Summary

Appendix A Excerpt from NIST Cybersecurity Framework

Appendix B Detailed Cybersecurity PHA and LOPA Example

B.1 System Basis

B.2 Initial Risk Assessment

B.3 Detailed Risk Assessment (Cyber PHA/HAZOP)

B.4 LOPA/Semi-Quantitative SL Verification

Appendix C Example Cybersecurity Metrics

Appendix D Cybersecurity Sample Audit Question List

Appendix E Management System Review Examples

References

Index

Managing Cybersecurity in the Process Industries


    £124.15

    Includes FREE delivery

    RRP £137.95 – you save £13.80 (10%)


    A Hardback by CCPS (Center for Chemical Process Safety)


      Publisher: John Wiley & Sons Inc
      Publication Date: 15/04/2022
      ISBN13: 9781119861782, 978-1119861782
      ISBN10: 1119861780
