Skip to Content



The Invisible Hazard: 
Cyber Threats Reshaping HSSE​

By Anish Bachu

Head, National Cyber Security Incident Response Team (TT-CSIRT) | Ministry of Homeland Security

 
 
LINKAGE Q4 (2025) - HSSE 360: INNOVATION FOR RESILIENCE
In today’s hyperconnected world, some of the most dangerous hazards remain unseen. Cyber threats, once confined to IT, now ripple across every HSSE layer. As digital systems underpin critical operations, the line between physical safety and digital resilience blurs, forcing organisations to rethink how they protect their people, their assets, and the environment.
Cyber-attacks with the greatest impact on HSSE are those that strike at the heart of operational resilience. They transcend the digital realm and trigger real‑world consequences such as physical harm and environmental damage.
Trinidad and Tobago and the wider CARICOM region are no strangers to attacks on critical systems. Major incidents have made headlines across the region, but the true implications are often not comprehensively understood outside of a few specialised circles.
A Target‑Rich Environment
Connected operational technology (OT) environments often overlook cyber security, leaving critical systems exposed. In addition, industrial control systems (ICS) and OT were designed for availability and control rather than confidentiality, so they often lack modern security controls and are difficult to patch or implement retroactively without disrupting operations. This digital blind spot creates fertile ground for malicious actors. Threat actors increasingly target ICS and OT networks across the world. Their tactics often combine technical exploits with social engineering, making them especially difficult to detect and counter. Exploiting weak defences, outdated technologies and human error, they infiltrate and manipulate processes with precision and expertise. 
Not all successful attacks are sophisticated; many rely on unsophisticated means such as default credentials or brute force. A threat actor’s first step is gaining initial access using common attack vectors, which are widely exploited and remain effective. Once inside, the threat actor takes advantage of established trust relationships to move across the network and map critical controllers and configurations. With this understanding, the threat actor can send malicious commands and create unsafe conditions. Because digital access is coupled to physical processes, a cyber intrusion can rapidly become a safety and environmental emergency.
Cyber Risk is a Core Safety Hazard
Cyber security should be embedded into HSSE frameworks. Hazard identification, risk assessment and incident response should include cyber‑physical scenarios. Cyber risk assessments should be part of an organisation’s Process Hazard Analysis framework so that cyber‑initiated failure points are captured and mitigations are designed into safety cases.
Safety barriers are being redefined to include cyber controls. HSSE training should be expanded to include cyber hygiene and joint drills that simulate cyber‑physical incidents to validate roles and communications.
Who owns cyber security risk and mitigation in the organisation? The answer is short but not simple: cyber security risk requires cross‑functional ownership that shares accountability for safety outcomes. Reporting lines and KPIs must reflect combined cyber‑safety risk rather than siloed metrics. There should be synergy between cyber security frameworks and process safety standards so that both functional safety and cyber safety can be assessed and demonstrated.
Regional and National Capabilities and Response Mechanisms
Recently, CARICOM IMPACS (Caribbean Community Implementation Agency for Crime and Security) launched the updated CARICOM Cyber Security and Cybercrime Action Plan (CCSCAP) to strengthen regional cooperation, detection, and response mechanisms. The Cyber Fusion Unit under CARICOM IMPACS plays a vital role in the coordination of cyber threat intelligence to disruption potential attacks and the coordination of regional incident response. Locally, the Trinidad and Tobago Cyber Security Incident Response Team (TT‑CSIRT) under the Ministry of Homeland Security has been trained to conduct cyber risk assessments as well as respond to cyber incidents in OT environments. This ensures that there are specially trained personnel ready to response should a cyber-physical incident occur. TT-CSIRT also plays a key role by coordinating multi-agency responses to cyber-physical incidents, ensuring that the appropriate GORTT resources are mobilised. 
The bottom line is that HSSE has evolved from protecting people and the environment against physical hazards to managing cyber‑physical hazards. Your organizational culture has to evolve with it.  
ABOUT THE AUTHOR

Anish Bachu is the Head of the National Cyber Security Incident Response Team (TT-CSIRT) at the Ministry of Homeland Security