Developing an effective cybersecurity risk management framework presents unique challenges, particularly in pharmaceutical manufacturing environments with complex OT systems. Almirall's journey demonstrates how a small security team evolved from qualitative risk assessments to a sophisticated deterministic model that balances long-term process maturity with real-time risk indicators. This session will provide practical insights into creating a risk framework that delivers actionable intelligence while maintaining defensibility when reporting to executive leadership.

This session will provide:

• An overview of the evolution of a deterministic model applied to manufacturing processes;
• The background and context of the model's development;
• Risk management models encountered on Almirall's journey;
• A deterministic risk management model based on NIST CSF and key risk indicators.