2021-10-20: The Case for Control Systems Cyberseurity Capability (Scalco)
Date: Wednesday, October 20, 2021
Aleksandra Scalco, CSEP, Engineer with the Naval Information Warfare Center, uses the Colonial Pipeline ransomware example as a case study for cybersecurity controls' return on Investment (ROI) for critical infrastructure control systems. By taking into account that the general principles of cybersecurity risk are probability- and consequences-associated with a threat agent exploiting a vulnerability to harm. She explained how to use a commercial approach to assign a numerical value or cost to assets which allow for a cost-benefit analysis that may be a more precise and concise characterization of risk.