Critical Infrastructure Risk Assessment

Critical Infrastructure Risk Assessment

The Definitive Threat Identification and Threat Reduction Handbook

Ernie Hayden, MIPM, CISSP, CEH, GICSP(Gold), PSP


  • Description
  • Author
  • Info
  • Reviews


As a manager or engineer have you ever been assigned a task to perform a risk assessment of one of your facilities or plant systems? What if you are an insurance inspector or corporate auditor? Do you know how to prepare yourself for the inspection, decided what to look for, and how to write your report?

This is a handbook for junior and senior personnel alike on what constitutes critical infrastructure and risk and offers guides to the risk assessor on preparation, performance, and documentation of a risk assessment of a complex facility. This is a definite “must read” for consultants, plant managers, corporate risk managers, junior and senior engineers, and university students before they jump into their first technical assignment.


Ernie Hayden, MIPM, CISSP, CEH, GICSP(Gold), PSP:

Ernie Hayden is a highly experienced and seasoned technical consultant, author, speaker, strategist, and thought-leader with extensive experience in the critical infrastructure protection/security domain, industrial controls security, cybercrime, cyberwarfare, and physical security areas. His primary emphasis is on offering expert advice and commentary on performing risk assessments of industrial controls, energy supply, and chemical/oil/gas/electric grid security, with special expertise on CIP-014-2 – Physical Security of Substations, and risks of commercial drones to critical infrastructure.

Hayden is currently the founder and principal of 443 Consulting, LLC. He has held roles as the Chairman, President, and CEO of MCM Enterprise – an advanced sensor company; industrial control security lead at Jacobs Engineering & Technology and BBA Engineering; executive consultant at Securicon LLC; and information security officer/manager at the Port of Seattle, Group Health Cooperative (Seattle), ALSTOM ESCA, and Seattle City Light.

Ernie was a commissioned officer in the US Navy nuclear program and was on the commissioning crew of the USS Texas (CGN-39). For the first 25 years of his civilian life Ernie worked in the commercial nuclear arena as a technical manager at Westinghouse Electric, the Institute of Nuclear Power Operations (INPO), the Trojan Nuclear Plant, and the Electric Power Research Institute (EPRI).

Ernie is an accomplished writer and frequent author of blogs, opinion pieces, and white papers. He is an invited columnist for the “Ask the Experts” discussions on TechTarget-SearchSecurity. Other thought-leadership articles have included authoring a chapter on “Cybercrime’s Impact on Information Security,” in the Oxford University Press Cybercrime and Security Legal Series and several articles in Information Security Magazine including his original research on data lifecycle security and an article on data breaches in the same publication. Hayden has been quoted in, the Boston Globe, Symantec Blog, and other major media outlets.

Ernie is a very active contributor in global security forums. He is currently a member of the European Union Network and Information Security Agency (ENISA) Stakeholder Board on Industrial Controls Security and was an invited contributor to the Caspian Strategy Institute (Hazar) (Turkey). He has been an instructor, curriculum developer, and advisor for the University of Washington Information System Security Certificate program in Seattle. Additionally, Ernie has been a contract instructor for the Cyberterrorism Defense and Analysis Center, sponsored by the U.S. Department of Homeland Security.