Course Overview

IACS Cybersecurity Operations & Maintenance (IC37) focuses on the ongoing operation, monitoring, and maintenance of cybersecurity controls implemented in industrial automation and control systems (IACS). This course addresses how to sustain the achieved security level throughout the system lifecycle despite evolving threats, system changes, and operational constraints.

Participants learn how to detect, respond to, and recover from cybersecurity incidents while maintaining compliance with ISA/IEC 62443 requirements.

Course Details

Course #: IC37

Dates: May 18–20

Length: 3 days

Hours: 8:00 a.m. – 4:00 p.m.

CEUs: 2.1

Location: Microsoft, Houston TX

Certificate: Certificate of completion provided

Exam: One exam included with registration

Certificate Program

IC37 is the fourth and final course in the ISA/IEC 62443 Cybersecurity Certificate Program.

Successful completion of the course and exam earns the ISA/IEC 62443 Cybersecurity Maintenance Specialist certificate.

Required Prerequisites

Successful completion of IC32 – Using the ISA/IEC 62443 Standards to Secure Your Control Systems

Passing the ISA/IEC 62443 Cybersecurity Fundamentals Specialist exam

Recommended: IC33 and IC34 or equivalent knowledge/experience

Who Should Take IC37

– Control systems engineers and managers- System integrators

– IT engineers and managers in industrial facilities

– Plant managers

– Plant safety and risk management personnel

Learning Objectives

– Perform basic network diagnostics and troubleshooting

– Interpret IACS device alarms and event logs

– Implement backup and restoration procedures

– Apply patch management lifecycle procedures

– Implement antivirus and application whitelisting strategies

– Define intrusion detection and security monitoring basics

– Implement incident response plans

– Manage cybersecurity-related changes (MOC)

– Conduct basic cybersecurity audits

Topics Covered

– IACS cybersecurity lifecycle overview

– Operations & maintenance phase focus

– Network diagnostics and troubleshooting

– Interpreting device, OS, and application logs

– Intrusion detection systems (IDS)

– Security incident and event monitoring (SIEM)

– Backup, recovery, and configuration management

– Patch management and antivirus procedures

– Management of Change (MOC)

– Cybersecurity audits and compliance

Hands-On Activities & Exercises

– Network diagnostics and troubleshooting

– Allowlisting and antivirus configuration

– Patch management exercises

– Intrusion detection using Snort

– Incident response and recovery scenarios

– Security Information and Event Management (SIEM) demonstrations

Recommended Resources – Standards

ISA-62443-1-1-2007 – Terminology, Concepts, and Models

ISA-62443-2-1-2009 – Establishing an IACS Security Program

ANSI/ISA-62443-3-2-2020 – Security Risk Assessment for System Design

ANSI/ISA-62443-3-3-2013 – System Security Requirements and Security LevelsRecommended Resources – Books

Industrial Automation and Control System Security Principles, Second Edition by Ronald L. Krutz, PhD, PE

Recommended Additional Preparation

Experience with industrial automation systems, cybersecurity fundamentals, and familiarity with monitoring and maintenance practices will help participants get the most value from this course.