IC33 – Assessing the Cybersecurity of New or Existing IACS Systems

///IC33 – Assessing the Cybersecurity of New or Existing IACS Systems
Loading Events

IC33 – Assessing the Cybersecurity of New or Existing IACS Systems

May 6, 2020 - May 8, 2020

 

Length :

CEU Credits :

Course Hours :

Location:

AE Solutions
10375 Richmond Ave Ste 800 Houston, TX 77042-4477

Date:

May 6-8, 2020

Course Hours: 8:00 a.m.-4:00 p.m.

Description:

The first phase in the IACS Cybersecurity Lifecycle (defined in ISA 62443-1-1) is to identify and document IACS assets and perform a cybersecurity vulnerability and risk assessment in order to identify and understand the high-risk vulnerabilities that require mitigation. Per ISA 62443-2-1, these assessments need to be performed on both new (i.e. greenfield) and existing (i.e. brownfield) applications. Part of the assessment process involves developing a zone and conduit model of the system, identifying security level targets, and documenting the cybersecurity requirements into a cybersecurity requirements specification (CRS).

This course will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a CRS that can be used to document the cybersecurity requirements for a project.

You will be able to:

  • Identify and document the scope of the IACS under assessment
  • Specify, gather, or generate the cybersecurity information required to perform the assessment
  • Identify or discover cybersecurity vulnerabilities inherent in the IACS’ products or system design
  • Organize and facilitate a cybersecurity risk assessment for an IACS
  • Identify and evaluate realistic threat scenarios
  • Identify gaps in existing policies, procedures, and standards
  • Establish and document security zones and conduits
  • Develop a cybersecurity requirements specification (CRS)

 

Classroom/Laboratory Exercises:

  • Critiquing system architecture diagrams
  • Asset Inventory
  • Gap Assessment
  • Windows Vulnerability Assessment
  • Capturing Ethernet Traffic
  • Port Scanning
  • Using Vulnerability Scanning Tools
  • Perform a high-level risk assessment
  • Creating a zone & conduit diagram
  • Perform a detailed cyber risk assessment
  • Critiquing a cybersecurity requirements specification

 

For details and to register online:

https://www.isa.org/events-conferences/events-calendar/event-details/?productId=66263894

To Register :

Register

Organizer

Magda Moreno

Phone

Email

magda.moreno.v@outlook.com

Venue

AE Solutions

10375 Richmond Avenue, Suite 800 Houston, TX 77042 United States,

Houston , TX - 77042

United States. + Google Map