{"product_id":"managing-cybersecurity-in-the-process-industries-9781119861782","title":"Managing Cybersecurity in the Process Industries","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eTable of Contents v\u003c\/p\u003e \u003cp\u003eList of Figures xi\u003c\/p\u003e \u003cp\u003eList of Tables xiii\u003c\/p\u003e \u003cp\u003eAcronyms and Abbreviations xvii\u003c\/p\u003e \u003cp\u003eGlossary xxiii\u003c\/p\u003e \u003cp\u003eAcknowledgments xxix\u003c\/p\u003e \u003cp\u003ePreface xxxiii\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart 1: Introduction, Background, and History of Cybersecurity 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003e1 Purpose of this Book 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e1.1 Target Audience 6\u003c\/p\u003e \u003cp\u003e1.2 What is Cybersecurity? 6\u003c\/p\u003e \u003cp\u003e1.3 What is Operational Technology (OT)? 10\u003c\/p\u003e \u003cp\u003e1.4 Which industries have OT? 13\u003c\/p\u003e \u003cp\u003e1.5 Scope 15\u003c\/p\u003e \u003cp\u003e1.6 Organization of the Book 17\u003c\/p\u003e \u003cp\u003e\u003cb\u003e2 Types of Cyber-Attacks, Who Engages in Them and Why 19\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e2.1 Types of Cyber-Attacks 19\u003c\/p\u003e \u003cp\u003e2.2 Who Commits Cybercrimes and Their Motives 26\u003c\/p\u003e \u003cp\u003e2.3 Summary 30\u003c\/p\u003e \u003cp\u003e\u003cb\u003e3 Types of Risk Receptors \/ Targets 33\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e3.1 What is Cybersecurity Risk 35\u003c\/p\u003e \u003cp\u003e3.2 What are Common Cybersecurity Targets? 38\u003c\/p\u003e \u003cp\u003e3.3 Types of Cybersecurity Consequences 43\u003c\/p\u003e \u003cp\u003e3.4 Summary 45\u003c\/p\u003e \u003cp\u003e\u003cb\u003e4 Threat Sources and Types of Attacks 47\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e4.1 Non-Targeted Attacks 49\u003c\/p\u003e \u003cp\u003e4.2 Targeted Attacks 53\u003c\/p\u003e \u003cp\u003e4.3 Advanced Persistent Threats (APT) 58\u003c\/p\u003e \u003cp\u003e4.4 Summary 62\u003c\/p\u003e \u003cp\u003e\u003cb\u003e5 Who Could Create a Cyber Risk? Insider vs Outsider Threats 65\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e5.1 Insider Cybersecurity Risk 65\u003c\/p\u003e \u003cp\u003e5.2 Outsider Cybersecurity Risk 69\u003c\/p\u003e \u003cp\u003e5.3 Summary 71\u003c\/p\u003e \u003cp\u003e\u003cb\u003e6 Case Histories 73\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e6.1 Maroochy Shire 73\u003c\/p\u003e \u003cp\u003e6.2 Stuxnet 77\u003c\/p\u003e \u003cp\u003e6.3 German Steel Mill 81\u003c\/p\u003e \u003cp\u003e6.4 Ukrainian Power Grid 84\u003c\/p\u003e \u003cp\u003e6.5 NotPetya 91\u003c\/p\u003e \u003cp\u003e6.6 Triton 95\u003c\/p\u003e \u003cp\u003e6.7 Düsseldorf Hospital Ransomware 99\u003c\/p\u003e \u003cp\u003e6.8 SolarWinds 101\u003c\/p\u003e \u003cp\u003e6.9 Florida Water System 105\u003c\/p\u003e \u003cp\u003e6.10 Colonial Pipeline Ransomware 107\u003c\/p\u003e \u003cp\u003e6.11 Summary 110\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart 2: Integrating Cybersecurity Management into the Process Safety Framework 113\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003e7 General Model for Understanding Cybersecurity Risk 113\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e7.1 Cybersecurity Lifecycle 113\u003c\/p\u003e \u003cp\u003e7.2 Integrated Cybersecurity and Safety Lifecycle 121\u003c\/p\u003e \u003cp\u003e7.3 NIST Cybersecurity Framework 129\u003c\/p\u003e \u003cp\u003e7.4 Summary 138\u003c\/p\u003e \u003cp\u003e\u003cb\u003e8 Designing a Secure Industrial Automation and Control System 141\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e8.1 The Disconnect between IT and OT Risk Management 141\u003c\/p\u003e \u003cp\u003e8.2 Inherently Safer vs Inherently More Secure 146\u003c\/p\u003e \u003cp\u003e8.3 Defense-in-Depth 149\u003c\/p\u003e \u003cp\u003e8.4 Network Segmentation 153\u003c\/p\u003e \u003cp\u003e8.5 System Hardening 173\u003c\/p\u003e \u003cp\u003e8.6 Security Monitoring 176\u003c\/p\u003e \u003cp\u003e8.7 Risk Compatibility Assessment 180\u003c\/p\u003e \u003cp\u003e8.8 Summary 182\u003c\/p\u003e \u003cp\u003e\u003cb\u003e9 Hazard Identification and Risk Analysis (HIRA) 183\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e9.1 Use of Process Safety Tools to Identify and Manage Cybersecurity Risk 185\u003c\/p\u003e \u003cp\u003e9.2 Qualitative Methods 187\u003c\/p\u003e \u003cp\u003e9.3 Quantitative Methods 217\u003c\/p\u003e \u003cp\u003e9.4 How to Prioritize Risk Reduction Measures? 231\u003c\/p\u003e \u003cp\u003e9.5 Revalidation\/Reassessment 232\u003c\/p\u003e \u003cp\u003e9.6 Summary 233\u003c\/p\u003e \u003cp\u003e\u003cb\u003e10 Manage the Risk 235\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e10.1 Management Approach 235\u003c\/p\u003e \u003cp\u003e10.2 Initial Steps 236\u003c\/p\u003e \u003cp\u003e10.3 Cybersecurity Culture 240\u003c\/p\u003e \u003cp\u003e10.4 Compliance with Standards 242\u003c\/p\u003e \u003cp\u003e10.5 Cybersecurity Competency 246\u003c\/p\u003e \u003cp\u003e10.6 Workforce Involvement 248\u003c\/p\u003e \u003cp\u003e10.7 Stakeholder Outreach 251\u003c\/p\u003e \u003cp\u003e10.8 Process Knowledge Management 252\u003c\/p\u003e \u003cp\u003e10.9 Operating Procedures 256\u003c\/p\u003e \u003cp\u003e10.10 Safe Work Practices 259\u003c\/p\u003e \u003cp\u003e10.11 Management of Change 262\u003c\/p\u003e \u003cp\u003e10.12 Asset Integrity and Reliability 266\u003c\/p\u003e \u003cp\u003e10.13 Contractor Management 272\u003c\/p\u003e \u003cp\u003e10.14 Training and Performance Assurance 275\u003c\/p\u003e \u003cp\u003e10.15 Operational Readiness 278\u003c\/p\u003e \u003cp\u003e10.16 Conduct of Operations 281\u003c\/p\u003e \u003cp\u003e10.17 Emergency Management 285\u003c\/p\u003e \u003cp\u003e10.18 Incident Investigation 290\u003c\/p\u003e \u003cp\u003e10.19 Measurements and Metrics 295\u003c\/p\u003e \u003cp\u003e10.20 Auditing 300\u003c\/p\u003e \u003cp\u003e10.21 Management Review and Continuous Improvement 304\u003c\/p\u003e \u003cp\u003e10.22 Summary 307\u003c\/p\u003e \u003cp\u003e\u003cb\u003e11 Implementing a Holistic Approach to Safety and Cybersecurity 311\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e11.1 Cybersecurity Management Systems (CSMS) 312\u003c\/p\u003e \u003cp\u003e11.2 Integrating CSMS with Process Safety Management 327\u003c\/p\u003e \u003cp\u003e11.3 Summary 334\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart 3: Where Do We Go from Here? 337\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003e12 What’s Next? A Look at Future Development Opportunities 337\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e12.1 Cybersecurity Adoption Trends 338\u003c\/p\u003e \u003cp\u003e12.2 Emerging Technologies 350\u003c\/p\u003e \u003cp\u003e12.3 Summary 353\u003c\/p\u003e \u003cp\u003e\u003cb\u003e13 Available Resources 355\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e13.1 Local, Regional, and Global Topics 355\u003c\/p\u003e \u003cp\u003e13.2 Cybersecurity Incident Repositories 362\u003c\/p\u003e \u003cp\u003e13.3 Competency Requirements and Training Availability 363\u003c\/p\u003e \u003cp\u003e13.4 Administration vs Accountability Functions 368\u003c\/p\u003e \u003cp\u003e13.5 Summary 370\u003c\/p\u003e \u003cp\u003e\u003cb\u003eAppendix A Excerpt from NIST Cybersecurity Framework 371\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eAppendix B Detailed Cybersecurity PHA and LOPA Example 377\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eB.1 System Basis 377\u003c\/p\u003e \u003cp\u003eB.2 Initial Risk Assessment 382\u003c\/p\u003e \u003cp\u003eB.3 Detailed Risk Assessment (Cyber PHA\/HAZOP) 387\u003c\/p\u003e \u003cp\u003eB.4 LOPA\/ Semi-Quantitative SL Verification 405\u003c\/p\u003e \u003cp\u003e\u003cb\u003eAppendix C Example Cybersecurity Metrics 411\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eAppendix D Cybersecurity Sample Audit Question List 413\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eAppendix E Management System Review Examples 419\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eReferences 421\u003c\/p\u003e \u003cp\u003eIndex 437\u003c\/p\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":48866420949335,"sku":"9781119861782","price":124.15,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781119861782.jpg?v=1722278562","url":"https:\/\/bookcurl.com\/products\/managing-cybersecurity-in-the-process-industries-9781119861782","provider":"Book Curl","version":"1.0","type":"link"}