Abstract
Cybersecurity and functional safety have different objectives and there are differences in risk assessments. Cooperation between the domains is needed, especially, in risk identification and risk treatment phases. It is useful to consider cybersecurity risk treatment actions from many perspectives and levels, like, lifecycle phase, system of systems approach, properties of the target and risk treatment strategy. In addition, defence in depth strategy need to be applied. This kind of holistic approach can make it more probable to avoid the weak links of the cybersecurity.
Companies are facing new cybersecurity requirements, and this means that there is a lot of work to fulfil the requirements. On the other hand, the requirements are made, because the number of cyberattacks is increasing and actions are needed to prevent and minimize the impacts of cyberattacks. The requirements are also related to the level of confidence. When machine manufacturers and system providers are fulfilling specific requirements the customers can learn, how confident they can be on cybersecurity measures, and this can be good for business. Also, the user organization and asset owner need to have adequate cybersecurity measures, since they are often the first ones to suffer consequences of the cyberattack. All of this can be considered as a new expense item, but it can be seen also as an opportunity to new business.
Companies are facing new cybersecurity requirements, and this means that there is a lot of work to fulfil the requirements. On the other hand, the requirements are made, because the number of cyberattacks is increasing and actions are needed to prevent and minimize the impacts of cyberattacks. The requirements are also related to the level of confidence. When machine manufacturers and system providers are fulfilling specific requirements the customers can learn, how confident they can be on cybersecurity measures, and this can be good for business. Also, the user organization and asset owner need to have adequate cybersecurity measures, since they are often the first ones to suffer consequences of the cyberattack. All of this can be considered as a new expense item, but it can be seen also as an opportunity to new business.
Original language | English |
---|---|
Publisher | VTT Technical Research Centre of Finland |
Number of pages | 55 |
Publication status | Published - 16 Sept 2024 |
MoE publication type | D4 Published development or research report or study |
Publication series
Series | VTT Research Report |
---|---|
Number | VTT-R-00499-24 |
Funding
Keywords
- cybersecurity
- functional safety
- risk
- risk assessment