Group Purchasing
Group Purchasing

WORKSHOP | LEADERSHIP | ICS Cyber Security Risk Assessments – Doing One Together

WORKSHOP | LEADERSHIP | ICS Cyber Security Risk Assessments – Doing One Together (PDF, 2.46MB)Last updated: 08 Jun, 2026
Presented by:
Paul Piotrowski
Paul Piotrowski

Being able to perform OT Cyber Security Risk Assessments is becoming more essential with each year. Drivers to perform a risk assessments vary: regulatory requirement, internal justification for modernization upgrades or simply to better understand operational risk and to communicate it further to leadership. Finding skilled resources to be able to perform a risk assessment and running one in your busy operational environment is challenging. This workshop will include an interactive realistic ICS OT Cyber Security risk assessment to explore and enforce the following: - Rational and a high-level grounding on risk assessments How to effectively prepare the documentation and people for a risk assessment  - Executing a risk assessment following the IEC 62443-3-2 Methodology (SUC, zones, using a RAM Matrix, assessing (un)-mitigated risks, etc.) - How to be realistic and tactical with control selection - Outline common mistakes and pitfalls that occur

SANS ICS Security Summit 2026