About Session
Technical Level: Beginner
This session introduces Principled Risk Management, a new approach to bridging IT and OT risk management in industrial environments, using smart grids as a case study. Grounded in global standards (ISO, IEC, NIST), the methodology addresses the growing complexity of cyber risk, organizational misalignment, and the gap between risk processes and business value. Key insights include shifting from domain-based risk to business-driven criticality, building a shared risk language, and creating adaptive, audit-ready processes that are both practical and strategic.
