Home/Events/
Loading Events

Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)

September 13, 2021 - November 14, 2021

 

Length : 2 Days

CEU Credits : 1.4

Course Hours : 8:00 a.m.-4:00 p.m

Certification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course.

Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program

Your course registration includes your registration for the exam.

Description:

The move to using open standards such as Ethernet, TCP/IP, and web technologies in supervisory control and data acquisition (SCADA) and process control networks has begun to expose these systems to the same cyberattacks that have wreaked so much havoc on corporate information systems. This course provides a detailed look at how the ANSI/ISA99 standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments.

You will be able to:

  • Discuss the principles behind creating an effective long term program security
  • Interpret the ISA/IEC 62443 industrial security framework and apply them to your operation
  • Define the basics of risk and vulnerability analysis methodologies
  • Describe the principles of security policy development
  • Explain the concepts of defense in depth and zone/conduit models of security
  • Analyze the current trends in industrial security incidents and methods hackers use to attack a system
  • Define the principles behind the key risk mitigation techniques, including anti-virus and patch management, firewalls, and virtual private networks

You will cover:

  • Understanding the Current Industrial Security Environment: What is Electronic Security for Industrial Automation and Control Systems? | How IT and the Plant Floor are Different and How They are the Same
  • How Cyberattacks Happen: Understanding the Threat Sources | The Steps to Successful Cyberattacks
  • Creating A Security Program:  Critical Factors for Success/Understanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)- Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
  • Risk Analysis:  Business Rationale | Risk Identification, Classification, and Assessment
  • Addressing Risk with Security Policy, Organization, and Awareness: Cyber Security Management System Scope | Organizational Security | Staff Training and Security Awareness
  • Addressing Risk with Selected Security Counter Measures: Personnel Security | Physical and Environmental Security | Network Segmentation | Access Control
  • Addressing Risk with Implementation Measures: Risk Management and Implementation | System Development and Maintenance | Information and Document Management
  • Monitoring and Improving the CSMS: Compliance and Review | Improve and Maintain the CSMS
  • Validating or Verifying the Security of Systems: What is being done? | Developing Secure Products and Systems

Classroom/Laboratory Demo:

  • PCAP Live Capture Analysis

Includes ISA Standards:

  • ANSI/ISA-62443-1-1 (ANSI/ISA-99.00.01-2007), Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts & Models
  • ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009), Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
  • ANSI/ISA-62443-3-3, Security for industrial automation and control systems: System security requirements and security levels

Recommended Pre-Requisites:

There are no required prerequisites for taking this course; however, it is highly recommended that applicants have at least one to three years of experience in the cybersecurity field with some experience in an industrial setting.

ISA Courses: TS06, TS12, or equivalent knowledge/experience would be beneficial.

Note from the Instructor: One of the challenges I have had in teaching IC32 is students attending without any or limited knowledge of TS04, TS06, TS12 or cybersecurity general principles. IC32 is a 14-hour boot camp style class and there is not a lot of time to teach basic comms and cybersecurity.

Recommended reading in preparation for course:

Cybersecurity Library

Which Security Level (SL) would have been required to prevent the attack?

Not sure this particular course is for you?

pre-instructional survey is available for you to evaluate your level of understanding of the course material and to show you the types of questions you’ll be able to answer after completing the course.

To Register : https://myisa.force.com/ISA/s/community-event?id=a1U1I00000CXP46UAH#/Course%20Description

Register

Organizer

Glen Wood

Phone

N/A

Email

glnwd15@gmail.com

Venue

Burns McDonnell,1898 & Co.

1700 West Loop South,

Houston , - 77027

United States. + Google Map

IACS Cybersecurity Operations & Maintenance (IC37

September 28, 2021 - September 30, 2021

 

Length : 3 Days

CEU Credits : 2.1

Course Hours :

Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program

Your course registration includes your registration for the exam.

Description:

The third phase in the IACS Cybersecurity Lifecycle (defined in ISA 62443-1-1) focuses on the activities associated with the ongoing operations and maintenance of IACS cybersecurity. This involves network diagnostics and troubleshooting, security monitoring and incident response, and maintenance of cybersecurity countermeasures implemented in the Design & Implementation phase. This phase also includes security management of change, backup and recovery procedures and periodic cybersecurity audits.

This course will provide students with the information and skills to detect and troubleshoot potential cybersecurity events as well as the skills to maintain the security level of an operating system throughout its lifecycle despite the challenges of an every changing threat environment.

You will be able to:

  • Perform basic network diagnostics and troubleshooting
  • Interpret the results of IACS device diagnostic alarms and event logs
  • Implement IACS backup and restoration procedures
  • Describe the IACS patch management life cycle and procedure
  • Apply an antivirus management procedure
  • Define the basics of application control and white listing tools
  • Define the basics of network and host intrusion detection
  • Define the basics of security incident and event monitoring tools
  • Implement an incident response plan
  • Implement an IACS management of change procedure
  • Conduct a basic IACS cyber security audit

 

You will cover:

  • Introduction to the ICS Cybersecurity Lifecycle
  • Identification & Assessment phase
  • Design & Implementation phase
  • Operations & Maintenance phase
  • Network Diagnostics and Troubleshooting
  • Interpreting device alarms and event logs
  • Early indicators
  • Network intrusion detection systems
  • Network management tools
  • Application Diagnostics and Troubleshooting
  • Interpreting OS and application alarms and event logs
  • Early indicators
  • Application management and whitelisting tools
  • Antivirus and endpoint protection tools
  • Security incident and event monitoring (SIEM) tools
  • IACS Cybersecurity Operating Procedures & Tools
  • Developing and following an IACS management of change procedure
  • Developing and following an IACS backup procedure
  • IACS configuration management tools
  • Developing and following an IACS patch management procedure
  • Patch management tools
  • Developing and following an IACS antivirus management procedure
  • Antivirus and whitelisting tools
  • Developing and following an IACS cybersecurity audit procedure
  • Auditing tools
  • IACS incident response
  • Developing and following an IACS incident response plan
  • Incident investigation
  • System recovery

 

Classroom/Laboratory Exercises:

  • Asset Inventory
  • ICS Device Hardening
  • Disabling USB Storage Devices
  • Restrict access to USB drives
  • Application Control / Whitelisting
  • Microsoft Windows Software Update Services (WSUS)
  • PLC backup and configuration management
  • Change Management (MOC form)
  • Event Detection Tracking and Log Monitoring
  • Vulnerability Scanning
  • Network Packet Capture Analysis
  • Troubleshooting and Forensics

 

Who Should Attend?

  • Operations and maintenance personnel
  • Control systems engineers and managers
  • System Integrators
  • IT engineers and managers industrial facilities
  • Plant Safety and Risk Management

 

Recommended Pre-Requisites:

ISA Courses TS06, TS12, TS20, IC32, IC33 and IC34 or equivalent knowledge/experience.

Recommended Reading:

Cybersecurity Library

To Register : https://myisa.force.com/ISA/s/community-event?id=a1U1I00000CXP4LUAX#/Location

Register

Organizer

Glen Wood

Phone

N/A

Email

glnwd15@gmail.com

Venue

Burns McDonnell,1898 & Co.

1700 West Loop South,

Houston , - 77027

United States. + Google Map

Go to Top