Certification of Completion:A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course.

Certificate Program:Part of the ISA/IEC 62443 Cybersecurity Certificate Program

Your course registration includes your registration for the exam.

• ISA’s CyberU online instructor-led training courses offer the benefit of a high-quality ISA training course with the added advantage of studying at your own pace in the office, at home, or while traveling.
• This online course utilizes online training modules, additional text materials, online evaluations, and e-mail discussions. Students will have access via email to an instructor and an opportunity to participate in live Q&A sessions with the instructor and other class participants.
• This CyberU course runs for seven (7) weeks. You will have access to six online modules for the modular sessions. Each module is between 20 to 90 minutes. Your course syllabus will guide you through the course modules and provide assignments and the schedule for the live Q&A sessions.

Description

Assessing the Cybersecurity of New or Existing IACS Systems (IC33E) is an online course which will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a cybersecurity requirements specification that can be used to document the cybersecurity requirements of the project. This course is a blended learning format which includes interactive, on-demand modules, weekly assignments and instructor call-in sessions. Modules include instructional content, interactive reviews, video lab demonstrations conducted by an ISA Cybersecurity instructor and assessments.

You will be able to:

• Discuss the need and importance for control system security
• Learn about current principles and best practices
• Understand the structure and content of the ISA 99 / IEC 62443 series of documents
• Discuss the principles behind the creating an effective long term program security
• Learn the basics of risk analysis, industrial networking and network security
• Understand the concepts of defense in depth and zones and conduits
• Learn how to apply key risk mitigation techniques such as anti-virus, patch management, firewalls and virtual private networks
• Learn how secure software development strategies can make systems inherently more secure
• Learn what is being done to validate or verify the security of systems

You will cover:

• Preparing for an Assessment
• Cybersecurity Vulnerability Assessment
• Conducting Vulnerability Assessments
• Cyber Risk Assessments
• Conducting Cyber Risk Assessments
• Documentation and Reporting
• And more…

You will be able to:

• Identify and document the scope of the IACS under assessment
• Specify, gather or generate the cybersecurity information required to perform the assessment
• Identify or discover cybersecurity vulnerabilities inherent in the IACS products or system design
• Organize and facilitate a cybersecurity risk assessment for an IACS
• Identify and evaluate realistic threat scenarios
• Identify gaps in existing policies, procedures and standards
• Establish and document security zones and conduits
• Prepare documentation of assessment results

Lab demonstrations: (Included in modules)

• Critiquing System Architecture Diagrams
• Asset Inventory
• Gap Assessment
• Windows Vulnerability Assessment
• Capturing Ethernet Traffic
• Port Scanning
• Windows Vulnerability Scanning
• Perform a High-Level Cybersecurity Risk Assessment
• Creating a Zone & Conduit Diagram
• Perform a Detailed Cyber Risk Assessment
• Risk Assessment Report

Who should attend:

• Control systems engineers and managers
• System Integrators
• IT engineers and managers industrial facilities
• IT corporate/security professionals
• Plant Safety and Risk Management

Recommended Pre-Requisite:

ISA Course IC32, IC32E or equivalent knowledge/experience.

What is included:

• On-demand modules with video lab demonstrations included
  • Module 1: Preparing for an Assessment (Approx. 95 minutes)
  • Module 2: Cybersecurity Vulnerability Assessment (Approx. 35 minutes)
  • Module 3: Conducting Vulnerability Assessments (Approx. 102 minutes)
  • Module 4: Cyber Risk Assessments (Approx. 69 minutes)
  • Module 5: Conducting Cyber Risk Assessments (Approx. 80 minutes)
  • Module 6: Documentation (Approx. 15 minutes)
• A viewable version of ISA standards for course reference
  • ISA/IEC 62443-1-1
  • ISA/IEC 62443-2-1
  • ISA/IEC 62443-3-3
  • ISA/IEC 62443-2 (draft version)
• ISA’s Cybersecurity Assessment Challenge – a Jeopardy-style review game which can be used as a review for the certification exam (Free Add-On)
• Exam registration for ISA/IEC 62443 Cybersecurity Risk Assessment Specialist
• Course Note Set and Syllabus

Recommended Reading:

Cybersecurity Library

Not sure this particular course is for you?

A pre-instructional survey is available for you to evaluate your level of understanding of the course material and to show you the types of questions you’ll be able to answer after completing the course.