BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//ISA - Houston Section - ECPv6.15.20//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-ORIGINAL-URL:https://www.houstonisa.org
X-WR-CALDESC:Events for ISA - Houston Section
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/Chicago
BEGIN:DAYLIGHT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
TZNAME:CDT
DTSTART:20190310T080000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
TZNAME:CST
DTSTART:20191103T070000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
TZNAME:CDT
DTSTART:20200308T080000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
TZNAME:CST
DTSTART:20201101T070000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
TZNAME:CDT
DTSTART:20210314T080000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
TZNAME:CST
DTSTART:20211107T070000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
TZNAME:CDT
DTSTART:20220313T080000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
TZNAME:CST
DTSTART:20221106T070000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
TZNAME:CDT
DTSTART:20230312T080000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
TZNAME:CST
DTSTART:20231105T070000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
TZNAME:CDT
DTSTART:20240310T080000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
TZNAME:CST
DTSTART:20241103T070000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
TZNAME:CDT
DTSTART:20250309T080000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
TZNAME:CST
DTSTART:20251102T070000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
TZNAME:CDT
DTSTART:20260308T080000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
TZNAME:CST
DTSTART:20261101T070000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20250507T080000
DTEND;TZID=America/Chicago:20250509T160000
DTSTAMP:20260527T173647
CREATED:20250321T135332Z
LAST-MODIFIED:20250429T135254Z
UID:10000202-1746604800-1746806400@www.houstonisa.org
SUMMARY:ISA/IEC 62443 - Assessing the Cybersecurity of New or Existing IACS Systems (IC33)
DESCRIPTION:(Discount code HOUS2025) \nThe first phase in the IACS Cybersecurity Lifecycle is to identify and document IACS assets and perform a cybersecurity vulnerability and risk assessment in order to identify and understand the high-risk vulnerabilities that require mitigation. Per ISA 62443-2-1 these assessments need to be performed on both new (i.e. greenfield) and existing (i.e. brownfield) applications. Part of the assessment process involves developing a zone and conduit model of the system\, identifying security level targets\, and documenting the cybersecurity requirements into a cybersecurity requirements specification (CRS). \nThis course will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a cybersecurity requirements specification that can be used to document the cybersecurity requirements the project. \nCertificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \nCertification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course.
URL:https://www.houstonisa.org/event/isa-iec-62443-assessing-the-cybersecurity-of-new-or-existing-iacs-systems-ic33/
LOCATION:Rockwell\, 575 N Dairy Ashford Rd\, Unit 300\, Houston\, TX\, 77079\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Lisa Green":MAILTO:lgreen@isa.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20250505T080000
DTEND;TZID=America/Chicago:20250506T160000
DTSTAMP:20260527T173647
CREATED:20250320T200954Z
LAST-MODIFIED:20250320T201609Z
UID:10000201-1746432000-1746547200@www.houstonisa.org
SUMMARY:ISA/IEC 62443 - Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)
DESCRIPTION:(Discount code HOUS2025) \n\n\n\n\nA detailed look at how the ISA/IEC 62443 cybersecurity standards protect critical industrial control systems\, the procedural and technical differences between IT and OT cybersecurity\, and the various security ramifications of the move to open systems. \nCertification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course. \nCertificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam.
URL:https://www.houstonisa.org/event/isa-iec-62443-using-the-isa-iec-62443-standards-to-secure-your-control-systems-ic32/
LOCATION:Rockwell\, 575 N Dairy Ashford Rd\, Unit 300\, Houston\, TX\, 77079\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Lisa Green":MAILTO:lgreen@isa.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20250211T080000
DTEND;TZID=America/Chicago:20250212T160000
DTSTAMP:20260527T173647
CREATED:20250113T070318Z
LAST-MODIFIED:20250115T183756Z
UID:10000176-1739260800-1739376000@www.houstonisa.org
SUMMARY:Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)
DESCRIPTION:Course #: IC32 | CEUs: 1.4 | Length: 2 days | Hours: 8:00 a.m. – 4:00 p.m. | A certificate of completion indicating the total number of CEUs earned will be provided upon successful course completion. \nUsing the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32) provides a detailed look at how the ISA/IEC 62443 standards framework can be used to protect critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. \nWith the move to using open standards\, such as Ethernet\, Transmission Control Protocol/Internet Protocol (TCP/IP)\, and web technologies\, in supervisory control and data acquisition (SCADA) and process control networks (PCN)\, systems are being exposed to the same cyberattacks facing corporate information systems\, protecting control systems is more important than ever. \n\nCertificate Program: This is a preparatory class for the ISA/IEC 62443 Cybersecurity Certificate Program. The course registration includes the fee for one exam. \n\nWho Should Take IC32?\n\nControl systems engineers and managers\nSystem integrators\nIT Engineers and managers at industrial facilities\nPlant managers\nPlant safety and risk management\n\n\nLearning Objectives\n\nDiscuss the principles behind creating an effective long-term program security\nInterpret the ISA/IEC 62443 industrial security framework and apply them to your operation\nDefine the basics of risk and vulnerability analysis methodologies\nDescribe the principles of security policy development\nExplain the concepts of defense in depth and zone/conduit models of security\nAnalyze the current trends in industrial security incidents and methods hackers use to attack a system\nDefine the principles behind the key risk mitigation techniques\, including anti-virus and patch management\, firewalls and virtual private networks\nDescribe how secure software development strategies can make systems inherently more secure\nExplain how systems security is verified\n\n\nTopics Covered\n\nUnderstanding the Current Industrial Security Environment\n\nWhat is electronic security for industrial automation and control systems (IACSs)?\nHow IT and the plant floor are different and how they are the same\n\n\nHow Cyberattacks Happen\n\nUnderstanding the threat sources\nSteps to successful cyberattacks\n\n\nCreating A Security Program\n\nCritical factors for success\n\n\nUnderstanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)\, Security for industrial automation and control systems\, Part 2-1: Establishing an industrial automation and control systems security program\nRisk Analysis\n\nBusiness rationale\nRisk identification\nClassification\nAssessment\n\n\nAddressing Risk with Security Policy\, Organization\, and Awareness\n\nCybersecurity management system scope\nOrganizational security\nStaff training and security awareness\n\n\nAddressing Risk with Selected Security Counter Measures\n\nPersonnel security\nPhysical and environmental security\nNetwork segmentation\nAccess control\n\n\nAddressing Risk with Implementation Measures\n\nRisk management and implementation\nSystem development and maintenance\nInformation and document management\n\n\nMonitoring and Improving the CSMS\n\nCompliance and review\nImprove and maintain the cyber security management system (CSMS)\n\n\nValidating or Verifying the Security of Systems\n\nWhat is being done?\nDeveloping secure products and systems\n\n\n\n\nExercise\nPCAP live capture analysis \n\nResources Included*\n\nISA-62443-1-1-2007\, Security for Industrial automation and control systems – Part 1-1: Terminology\, concepts and models\nISA-62443-2-1 (99.02.01)-2009\, Security for industrial automation and control systems – Part 2-1: Establishing an industrial automation and control systems security program\nISA-62443-3-3 (99.03.03)-2013\, ISA-62443-3-3 (99.03.03)-2013\, Security for industrial automation and control systems – Part 3-3: System security requirements and security levels\n\n  \n*PDF format only. \n\nRecommended Prerequisites\n\nThere are no required prerequisites for taking this course; however\, it is highly recommended that applicants have at least one to three years of experience in the cybersecurity field with some experience in an industrial setting. IC32 is a 14-hour boot camp-style class\, and there is not much time to teach basic commands and cybersecurity.\nISA courses: TS07\, TS12\, or the equivalent knowledge/experience would be beneficial.\nNote from the Instructor: One of the challenges I have had in teaching IC32 is students attending without any or limited knowledge of ISA courses TS07\, TS12 or cybersecurity general principles.\n\n\nRecommended Reading\n\nCybersecurity Library\n“Industrial Automation and Control System Security Principles\,” Second Edition\, by Ronald L. Krutz\, PhD\, PE\n\n\nNot sure this particular course is for you? Take an IC32 knowledge check designed to evaluate your level of understanding of the course material and show you the types of questions you’ll be able to answer after completing the course.
URL:https://www.houstonisa.org/event/using-the-isa-iec-62443-standards-to-secure-your-control-systems-ic32-3/
LOCATION:Burns McDonnell\,1898 & Co.\, 1700 West Loop South\, Houston\, 77027\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="ISA":MAILTO:info@isa.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20230911T080000
DTEND;TZID=America/Chicago:20230927T160000
DTSTAMP:20260527T173647
CREATED:20230320T032625Z
LAST-MODIFIED:20230320T033658Z
UID:10000156-1694419200-1695830400@www.houstonisa.org
SUMMARY:ISA September Cyber Camp
DESCRIPTION:This September\, Increase Your Cybersecurity Know-how at the ISA Cyber Camp!\nYou can use promo code HOUS2023 to save 10% on your registration!\n\n\n\n\n\n\n\nBuild Your Cybersecurity Foundation\nISA offers the most comprehensive set of industrial cybersecurity certificate programming and aligned training courses in the market—covering the complete lifecycle of industrial automation and control system (IAC) assessment\, design\, implementation\, operations\, and maintenance. ISA’s training courses are unbiased\, vendor-neutral\, and based on the ISA/IEC 62443—the world’s only consensus-based series of IACS standards. \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nLocation \n\n\n\n\n\n\n\n\n\n\n\nBurns & McDonnell\n1700 West Loop South\, Suite 1500\nHouston\, TX 77027 \nWho Should Attend? \n\n\n\n\n\n\n\n\n\n\n\n\nThis cyber camp is ideal for professionals interested in learning more about the cybersecurity industry including: \n\n\nControl Systems Engineers and Managers\nSystem Integrators\nIT Engineers and Managers\nPlant Managers
URL:https://www.houstonisa.org/event/isa-september-cyber-camp/
LOCATION:Burns McDonnell\,1898 & Co.\, 1700 West Loop South\, Houston\, 77027\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="ISA":MAILTO:info@isa.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20230508T080000
DTEND;TZID=America/Chicago:20230524T160000
DTSTAMP:20260527T173647
CREATED:20230320T032103Z
LAST-MODIFIED:20230320T033632Z
UID:10000154-1683532800-1684944000@www.houstonisa.org
SUMMARY:ISA May Cyber Camp
DESCRIPTION:This May\, Increase Your Cybersecurity Know-how at the ISA Cyber Camp!\nYou can use promo code HOUS2023 to save 10% on your registration!\n\n\n\n\n\n\n\nBuild Your Cybersecurity Foundation \nISA offers the most comprehensive set of industrial cybersecurity certificate programming and aligned training courses in the market—covering the complete lifecycle of industrial automation and control system (IAC) assessment\, design\, implementation\, operations\, and maintenance. ISA’s training courses are unbiased\, vendor-neutral\, and based on the ISA/IEC 62443—the world’s only consensus-based series of IACS standards. \nLocation \n\n\n\n\n\n\n\n\n\n\n\nBurns & McDonnell\n1700 West Loop South\, Suite 1500\nHouston\, TX 77027 \nWho Should Attend? \n\n\n\n\n\n\n\n\n\n\n\n\nThis cyber camp is ideal for professionals interested in learning more about the cybersecurity industry including: \n\n\nControl Systems Engineers and Managers\nSystem Integrators\nIT Engineers and Managers\nPlant Managers
URL:https://www.houstonisa.org/event/isa-may-cyber-camp/
LOCATION:Burns McDonnell\,1898 & Co.\, 1700 West Loop South\, Houston\, 77027\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="ISA":MAILTO:info@isa.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20220502T080000
DTEND;TZID=America/Chicago:20220518T160000
DTSTAMP:20260527T173647
CREATED:20220328T040611Z
LAST-MODIFIED:20220328T040728Z
UID:10000038-1651478400-1652889600@www.houstonisa.org
SUMMARY:ISA IACS Cybersecurity Training Camp
DESCRIPTION:Gain the operations-focused skills training needed to safeguard industrial control systems from cyberattack\nWhether you are an experienced professional or looking to step into the world of industrial cybersecurity\, sharpen your knowledge by registering for the ISA Cyber Camp courses this May! Please check out this flyer for additional details and links to register!  \nRegister Today and Save $200!\nUse coupon code HOUS2022 to\nreceive $200 off registration. \nTo register: \n• Online: Follow the links in the flyer to register for classes.\n• Email: info@isa.org\n• Call: +1 919-549-8411
URL:https://www.houstonisa.org/event/isa-iacs-cybersecurity-training-camp/
LOCATION:Burns McDonnell\,1898 & Co.\, 1700 West Loop South\, Houston\, 77027\, United States
CATEGORIES:Cyber-Security,Training
ATTACH;FMTTYPE=application/pdf:https://www.houstonisa.org/wp-content/uploads/2022/03/30-0222-Houston-Section-2022-Flyer_Final2197-cropped.pdf
ORGANIZER;CN="Glen Wood":MAILTO:glnwd15@gmail.com
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20210928T080000
DTEND;TZID=America/Chicago:20210930T170000
DTSTAMP:20260527T173647
CREATED:20210728T173023Z
LAST-MODIFIED:20210728T173023Z
UID:10000024-1632816000-1633021200@www.houstonisa.org
SUMMARY:IACS Cybersecurity Operations & Maintenance (IC37
DESCRIPTION:Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \nDescription: \nThe third phase in the IACS Cybersecurity Lifecycle (defined in ISA 62443-1-1) focuses on the activities associated with the ongoing operations and maintenance of IACS cybersecurity. This involves network diagnostics and troubleshooting\, security monitoring and incident response\, and maintenance of cybersecurity countermeasures implemented in the Design & Implementation phase. This phase also includes security management of change\, backup and recovery procedures and periodic cybersecurity audits. \nThis course will provide students with the information and skills to detect and troubleshoot potential cybersecurity events as well as the skills to maintain the security level of an operating system throughout its lifecycle despite the challenges of an every changing threat environment. \nYou will be able to: \n\nPerform basic network diagnostics and troubleshooting\nInterpret the results of IACS device diagnostic alarms and event logs\nImplement IACS backup and restoration procedures\nDescribe the IACS patch management life cycle and procedure\nApply an antivirus management procedure\nDefine the basics of application control and white listing tools\nDefine the basics of network and host intrusion detection\nDefine the basics of security incident and event monitoring tools\nImplement an incident response plan\nImplement an IACS management of change procedure\nConduct a basic IACS cyber security audit\n\n  \nYou will cover: \n\nIntroduction to the ICS Cybersecurity Lifecycle\nIdentification & Assessment phase\nDesign & Implementation phase\nOperations & Maintenance phase\nNetwork Diagnostics and Troubleshooting\nInterpreting device alarms and event logs\nEarly indicators\nNetwork intrusion detection systems\nNetwork management tools\nApplication Diagnostics and Troubleshooting\nInterpreting OS and application alarms and event logs\nEarly indicators\nApplication management and whitelisting tools\nAntivirus and endpoint protection tools\nSecurity incident and event monitoring (SIEM) tools\nIACS Cybersecurity Operating Procedures & Tools\nDeveloping and following an IACS management of change procedure\nDeveloping and following an IACS backup procedure\nIACS configuration management tools\nDeveloping and following an IACS patch management procedure\nPatch management tools\nDeveloping and following an IACS antivirus management procedure\nAntivirus and whitelisting tools\nDeveloping and following an IACS cybersecurity audit procedure\nAuditing tools\nIACS incident response\nDeveloping and following an IACS incident response plan\nIncident investigation\nSystem recovery\n\n  \nClassroom/Laboratory Exercises: \n\nAsset Inventory\nICS Device Hardening\nDisabling USB Storage Devices\nRestrict access to USB drives\nApplication Control / Whitelisting\nMicrosoft Windows Software Update Services (WSUS)\nPLC backup and configuration management\nChange Management (MOC form)\nEvent Detection Tracking and Log Monitoring\nVulnerability Scanning\nNetwork Packet Capture Analysis\nTroubleshooting and Forensics\n\n  \nWho Should Attend? \n\nOperations and maintenance personnel\nControl systems engineers and managers\nSystem Integrators\nIT engineers and managers industrial facilities\nPlant Safety and Risk Management\n\n  \nRecommended Pre-Requisites: \nISA Courses TS06\, TS12\, TS20\, IC32\, IC33 and IC34 or equivalent knowledge/experience. \nRecommended Reading: \nCybersecurity Library
URL:https://www.houstonisa.org/event/iacs-cybersecurity-operations-maintenance-ic37-2/
LOCATION:Burns McDonnell\,1898 & Co.\, 1700 West Loop South\, Houston\, 77027\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Glen Wood":MAILTO:glnwd15@gmail.com
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20210921T080000
DTEND;TZID=America/Chicago:20210923T170000
DTSTAMP:20260527T173647
CREATED:20210728T172736Z
LAST-MODIFIED:20210728T173632Z
UID:10000031-1632211200-1632416400@www.houstonisa.org
SUMMARY:IACS Cybersecurity Design & Implementation (IC34) Houston
DESCRIPTION:Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \nDescription: \nThe second phase in the IACS Cybersecurity Lifecycle (defined in ISA 62443-1-1) focuses on the activities associated with the design and implementation of IACS cybersecurity countermeasures. This involves the selection of appropriate countermeasures based upon their security level capability and the nature of the threats and vulnerabilities identified in the Assess phase. This phase also includes cybersecurity acceptance testing of the integrated solution\, in order to validate countermeasures are properly implemented and that the IACS has achieved the target security level. \nThis course will provide students with the information and skills to select and implement cybersecurity countermeasures for a new or existing IACS in order to achieve the target security level assigned to each IACS zone or conduit. Additionally\, students will learn how to develop and execute test plans to verify that the cybersecurity of an IACS solution has properly satisfied the objectives in the cybersecurity requirements specification. \nYou will be able to: \n\nInterpret the results of an ICS cybersecurity risk assessment\nDevelop a cybersecurity requirements specification (CRS)\nDevelop a conceptual design based upon information in a well-crafted CRS\nExplain the security development lifecycle process and deliverables\nPerform a basic firewall configuration and commissioning\nDesign a secure remote access solution\nDevelop system hardening specification\nImplement a basic network intrusion detection system\nDevelop a Cybersecurity Acceptance test plan (CFAT/CSAT)\nPerform a basic CFAT or CSAT\n\nYou Will Cover: \n\nIntroduction to the ICS Cybersecurity Lifecycle\nAssessment phase\nImplementation phase\nMaintenance phase\nConceptual Design Process\nInterpreting risk assessment results\nCybersecurity requirements specifications\nDeveloping a conceptual design\nConceptual design specification\nDetailed Design Process\nSecurity Development Lifecycle (SDL)\nTypes of technology\nSelecting appropriate technology\nDeveloping a detailed design\nDocumenting the design/specification\nDesign & Implementation Examples\nFirewall design example\nRemote access design example\nSystem hardening design example\nIntrusion detection design example\nTesting\nDeveloping test plans\nCybersecurity Factory Acceptance Testing\nCybersecurity Site Acceptance Testing\n\nClassroom/Laboratory Exercises: \n\nDevelop a Physical & Cybersecurity Plan\nConfigure a Perimeter Firewall\nConfigure an ICS Firewall\nInstall and use SNORT!\nConfigure Windows Local Group Policy Objects\nInstall MS Security Compliance Manager (SCM)\nConduct ICS Device Hardening\nConduct Network Device Hardening\nUse a Domain Controller\nConfigure a VPN Connection\nConduct Security Configuration Auditing\nConduct System Robustness Testing\n\nWho Should Attend: \n\nControl systems engineers and managers\nSystem Integrators\nIT engineers and managers industrial facilities\nPlant managers\nPlant Safety and Risk Management\n\nRecommended Pre-Requisites: \nISA Courses IC32 and IC33 or equivalent knowledge/experience. \nRecommended Reading: \nCybersecurity Library
URL:https://www.houstonisa.org/event/iacs-cybersecurity-design-implementation-ic34-houston-tx-21st-23rd-september-2021/
LOCATION:Burns McDonnell\,1898 & Co.\, 1700 West Loop South\, Houston\, 77027\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Glen Wood":MAILTO:glnwd15@gmail.com
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20210915T080000
DTEND;TZID=America/Chicago:20210917T170000
DTSTAMP:20260527T173647
CREATED:20210728T172621Z
LAST-MODIFIED:20210728T172839Z
UID:10000030-1631692800-1631898000@www.houstonisa.org
SUMMARY:Assessing the Cybersecurity of New or Existing IACS Systems (IC33)
DESCRIPTION:Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \nCertification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course. \nDescription: \nThe first phase in the IACS Cybersecurity Lifecycle (defined in ISA 62443-1-1) is to identify and document IACS assets and perform a cybersecurity vulnerability and risk assessment in order to identify and understand the high-risk vulnerabilities that require mitigation. Per ISA 62443-2-1 these assessments need to be performed on both new (i.e. greenfield) and existing (i.e. brownfield) applications. Part of the assessment process involves developing a zone and conduit model of the system\, identifying security level targets\, and documenting the cybersecurity requirements into a cybersecurity requirements specification (CRS). \nThis course will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a cybersecurity requirements specification that can be used to document the cybersecurity requirements the project. \nYou Will Be Able to: \n\nIdentify and document the scope of the IACS under assessment\nSpecify\, gather or generate the cybersecurity information required to perform the assessment\nIdentify or discover cybersecurity vulnerabilities inherent in the IACS products or system design\nOrganize and facilitate a cybersecurity risk assessment for an IACS\nIdentify and evaluate realistic threat scenarios\nIdentify gaps in existing policies\, procedures and standards\nEstablish and document security zones and conduits\nPrepare documentation of assessment results\n\nYou Will Cover: \n\nPreparing for an Assessment\nCybersecurity Vulnerability Assessment\nConducting Vulnerability Assessments\nCyber Risk Assessments\nConducting Cyber Risk Assessments\nDocumentation and Reporting\nAnd more…\n\nClassroom/Laboratory Exercises: \n\nCritiquing system architecture diagrams\nAsset Inventory\nGap Assessment\nWindows Vulnerability Assessment\nCapturing Ethernet Traffic\nPort Scanning\nUsing Vulnerability Scanning Tools\nPerform a high-level risk assessment\nCreating a zone & conduit diagram\nPerform a detailed cyber risk assessment\nCritiquing a cybersecurity requirements specification\n\nWho Should Attend: \n\nControl systems engineers and managers\nSystem Integrators\nIT engineers and managers industrial facilities\nIT corporate/security professionals\nPlant Safety and Risk Management\n\nRecommended Pre-Requisite: \nISA Course IC32 or equivalent knowledge/experience. \nRecommended Reading: \nCybersecurity Library
URL:https://www.houstonisa.org/event/assessing-the-cybersecurity-of-new-or-existing-iacs-systems-ic33-2/
LOCATION:Burns McDonnell\,1898 & Co.\, 1700 West Loop South\, Houston\, 77027\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Glen Wood":MAILTO:glnwd15@gmail.com
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20210913T080000
DTEND;TZID=America/Chicago:20211114T160000
DTSTAMP:20260527T173647
CREATED:20210728T172258Z
LAST-MODIFIED:20210728T172405Z
UID:10000029-1631520000-1636905600@www.houstonisa.org
SUMMARY:Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)
DESCRIPTION:Certification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course. \nCertificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \nDescription: \nThe move to using open standards such as Ethernet\, TCP/IP\, and web technologies in supervisory control and data acquisition (SCADA) and process control networks has begun to expose these systems to the same cyberattacks that have wreaked so much havoc on corporate information systems. This course provides a detailed look at how the ANSI/ISA99 standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. \nYou will be able to: \n\nDiscuss the principles behind creating an effective long term program security\nInterpret the ISA/IEC 62443 industrial security framework and apply them to your operation\nDefine the basics of risk and vulnerability analysis methodologies\nDescribe the principles of security policy development\nExplain the concepts of defense in depth and zone/conduit models of security\nAnalyze the current trends in industrial security incidents and methods hackers use to attack a system\nDefine the principles behind the key risk mitigation techniques\, including anti-virus and patch management\, firewalls\, and virtual private networks\n\nYou will cover: \n\nUnderstanding the Current Industrial Security Environment: What is Electronic Security for Industrial Automation and Control Systems? | How IT and the Plant Floor are Different and How They are the Same\nHow Cyberattacks Happen: Understanding the Threat Sources | The Steps to Successful Cyberattacks\nCreating A Security Program:  Critical Factors for Success/Understanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)- Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program\nRisk Analysis:  Business Rationale | Risk Identification\, Classification\, and Assessment\nAddressing Risk with Security Policy\, Organization\, and Awareness: Cyber Security Management System Scope | Organizational Security | Staff Training and Security Awareness\nAddressing Risk with Selected Security Counter Measures: Personnel Security | Physical and Environmental Security | Network Segmentation | Access Control\nAddressing Risk with Implementation Measures: Risk Management and Implementation | System Development and Maintenance | Information and Document Management\nMonitoring and Improving the CSMS: Compliance and Review | Improve and Maintain the CSMS\nValidating or Verifying the Security of Systems: What is being done? | Developing Secure Products and Systems\n\nClassroom/Laboratory Demo: \n\nPCAP Live Capture Analysis\n\nIncludes ISA Standards: \n\nANSI/ISA-62443-1-1 (ANSI/ISA-99.00.01-2007)\, Security for Industrial Automation and Control Systems Part 1: Terminology\, Concepts & Models\nANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)\, Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program\nANSI/ISA-62443-3-3\, Security for industrial automation and control systems: System security requirements and security levels\n\nRecommended Pre-Requisites: \nThere are no required prerequisites for taking this course; however\, it is highly recommended that applicants have at least one to three years of experience in the cybersecurity field with some experience in an industrial setting. \nISA Courses: TS06\, TS12\, or equivalent knowledge/experience would be beneficial. \nNote from the Instructor: One of the challenges I have had in teaching IC32 is students attending without any or limited knowledge of TS04\, TS06\, TS12 or cybersecurity general principles. IC32 is a 14-hour boot camp style class and there is not a lot of time to teach basic comms and cybersecurity. \nRecommended reading in preparation for course: \nCybersecurity Library \nWhich Security Level (SL) would have been required to prevent the attack? \nNot sure this particular course is for you? \nA pre-instructional survey is available for you to evaluate your level of understanding of the course material and to show you the types of questions you’ll be able to answer after completing the course.
URL:https://www.houstonisa.org/event/using-the-isa-iec-62443-standards-to-secure-your-control-systems-ic32-2/
LOCATION:Burns McDonnell\,1898 & Co.\, 1700 West Loop South\, Houston\, 77027\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Glen Wood":MAILTO:glnwd15@gmail.com
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20210518T080000
DTEND;TZID=America/Chicago:20210520T160000
DTSTAMP:20260527T173647
CREATED:20210415T054412Z
LAST-MODIFIED:20210415T055222Z
UID:10000123-1621324800-1621526400@www.houstonisa.org
SUMMARY:IACS Cybersecurity Operations & Maintenance (IC37)
DESCRIPTION:Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \nUse Coupon code: HOUS2021 to receive discount of $200 off registration.\nDescription: \nThe third phase in the IACS Cybersecurity Lifecycle (defined in ISA 62443-1-1) focuses on the activities associated with the ongoing operations and maintenance of IACS cybersecurity. This involves network diagnostics and troubleshooting\, security monitoring and incident response\, and maintenance of cybersecurity countermeasures implemented in the Design & Implementation phase. This phase also includes security management of change\, backup and recovery procedures and periodic cybersecurity audits. \nThis course will provide students with the information and skills to detect and troubleshoot potential cybersecurity events as well as the skills to maintain the security level of an operating system throughout its lifecycle despite the challenges of an every changing threat environment. \n  \nYou will be able to: \n\nPerform basic network diagnostics and troubleshooting\nInterpret the results of IACS device diagnostic alarms and event logs\nImplement IACS backup and restoration procedures\nDescribe the IACS patch management life cycle and procedure\nApply an antivirus management procedure\nDefine the basics of application control and white listing tools\nDefine the basics of network and host intrusion detection\nDefine the basics of security incident and event monitoring tools\nImplement an incident response plan\nImplement an IACS management of change procedure\nConduct a basic IACS cyber security audit\n\n  \nYou will cover: \n\nIntroduction to the ICS Cybersecurity Lifecycle\n\nIdentification & Assessment phase\nDesign & Implementation phase\nOperations & Maintenance phase\n\n\nNetwork Diagnostics and Troubleshooting\n\nInterpreting device alarms and event logs\nEarly indicators\nNetwork intrusion detection systems\nNetwork management tools\n\n\nApplication Diagnostics and Troubleshooting\n\nInterpreting OS and application alarms and event logs\nEarly indicators\nApplication management and whitelisting tools\nAntivirus and endpoint protection tools\nSecurity incident and event monitoring (SIEM) tools\n\n\nIACS Cybersecurity Operating Procedures & Tools\n\nDeveloping and following an IACS management of change procedure\nDeveloping and following an IACS backup procedure\nIACS configuration management tools\nDeveloping and following an IACS patch management procedure\nPatch management tools\nDeveloping and following an IACS antivirus management procedure\nAntivirus and whitelisting tools\nDeveloping and following an IACS cybersecurity audit procedure\nAuditing tools\n\n\nIACS incident response\n\nDeveloping and following an IACS incident response plan\nIncident investigation\nSystem recovery\n\n\n\n  \nClassroom/Laboratory Exercises: \n\nAsset Inventory\nICS Device Hardening\nDisabling USB Storage Devices\nRestrict access to USB drives\nApplication Control / Whitelisting\nMicrosoft Windows Software Update Services (WSUS)\nPLC backup and configuration management\nChange Management (MOC form)\nEvent Detection Tracking and Log Monitoring\nVulnerability Scanning\nNetwork Packet Capture Analysis\nTroubleshooting and Forensics\n\n  \nWho Should Attend? \n\nOperations and maintenance personnel\nControl systems engineers and managers\nSystem Integrators\nIT engineers and managers industrial facilities\nPlant Safety and Risk Management\n\n  \nRecommended Pre-Requisites: \nISA Courses TS06\, TS12\, TS20\, IC32\, IC33 and IC34 or equivalent knowledge/experience. \n  \nRecommended Reading: \nCybersecurity Library
URL:https://www.houstonisa.org/event/iacs-cybersecurity-operations-maintenance-ic37/
LOCATION:AE Solutions\, 10375 Richmond Avenue\, Suite 800 Houston\, TX 77042 United States\, Houston\, TX\, 77042\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Jacqueline Buskop":MAILTO:jbuskop@wesleyan.edu
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20210511T080000
DTEND;TZID=America/Chicago:20210513T160000
DTSTAMP:20260527T173647
CREATED:20210415T054226Z
LAST-MODIFIED:20210415T055215Z
UID:10000122-1620720000-1620921600@www.houstonisa.org
SUMMARY:IACS Cybersecurity Design & Implementation (IC34)
DESCRIPTION:Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \nUse Coupon code: HOUS2021 to receive discount of $200 off registration.\nDescription: \nThe second phase in the IACS Cybersecurity Lifecycle (defined in ISA 62443-1-1) focuses on the activities associated with the design and implementation of IACS cybersecurity countermeasures. This involves the selection of appropriate countermeasures based upon their security level capability and the nature of the threats and vulnerabilities identified in the Assess phase. This phase also includes cybersecurity acceptance testing of the integrated solution\, in order to validate countermeasures are properly implemented and that the IACS has achieved the target security level. \nThis course will provide students with the information and skills to select and implement cybersecurity countermeasures for a new or existing IACS in order to achieve the target security level assigned to each IACS zone or conduit. Additionally\, students will learn how to develop and execute test plans to verify that the cybersecurity of an IACS solution has properly satisfied the objectives in the cybersecurity requirements specification. \nYou will be able to: \n\nInterpret the results of an ICS cybersecurity risk assessment\nDevelop a cybersecurity requirements specification (CRS)\nDevelop a conceptual design based upon information in a well-crafted CRS\nExplain the security development lifecycle process and deliverables\nPerform a basic firewall configuration and commissioning\nDesign a secure remote access solution\nDevelop system hardening specification\nImplement a basic network intrusion detection system\nDevelop a Cybersecurity Acceptance test plan (CFAT/CSAT)\nPerform a basic CFAT or CSAT\n\nYou Will Cover: \n\nIntroduction to the ICS Cybersecurity Lifecycle\nAssessment phase\nImplementation phase\nMaintenance phase\nConceptual Design Process\nInterpreting risk assessment results\nCybersecurity requirements specifications\nDeveloping a conceptual design\nConceptual design specification\nDetailed Design Process\nSecurity Development Lifecycle (SDL)\nTypes of technology\nSelecting appropriate technology\nDeveloping a detailed design\nDocumenting the design/specification\nDesign & Implementation Examples\nFirewall design example\nRemote access design example\nSystem hardening design example\nIntrusion detection design example\nTesting\nDeveloping test plans\nCybersecurity Factory Acceptance Testing\nCybersecurity Site Acceptance Testing\n\nClassroom/Laboratory Exercises: \n\nDevelop a Physical & Cybersecurity Plan\nConfigure a Perimeter Firewall\nConfigure an ICS Firewall\nInstall and use SNORT!\nConfigure Windows Local Group Policy Objects\nInstall MS Security Compliance Manager (SCM)\nConduct ICS Device Hardening\nConduct Network Device Hardening\nUse a Domain Controller\nConfigure a VPN Connection\nConduct Security Configuration Auditing\nConduct System Robustness Testing\n\nWho Should Attend: \n\nControl systems engineers and managers\nSystem Integrators\nIT engineers and managers industrial facilities\nPlant managers\nPlant Safety and Risk Management\n\nRecommended Pre-Requisites: \nISA Courses IC32 and IC33 or equivalent knowledge/experience. \nRecommended Reading: \nCybersecurity Library
URL:https://www.houstonisa.org/event/iacs-cybersecurity-design-implementation-ic34/
LOCATION:TX
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Jacqueline Buskop":MAILTO:jbuskop@wesleyan.edu
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20210505T080000
DTEND;TZID=America/Chicago:20210507T160000
DTSTAMP:20260527T173647
CREATED:20210415T054025Z
LAST-MODIFIED:20210415T055214Z
UID:10000121-1620201600-1620403200@www.houstonisa.org
SUMMARY:Assessing the Cybersecurity of New or Existing IACS Systems (IC33)
DESCRIPTION:Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \nUse Coupon code: HOUS2021 to receive discount of $200 off registration.\nCertification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course. \nDescription: \nThe first phase in the IACS Cybersecurity Lifecycle (defined in ISA 62443-1-1) is to identify and document IACS assets and perform a cybersecurity vulnerability and risk assessment in order to identify and understand the high-risk vulnerabilities that require mitigation. Per ISA 62443-2-1 these assessments need to be performed on both new (i.e. greenfield) and existing (i.e. brownfield) applications. Part of the assessment process involves developing a zone and conduit model of the system\, identifying security level targets\, and documenting the cybersecurity requirements into a cybersecurity requirements specification (CRS). \nThis course will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a cybersecurity requirements specification that can be used to document the cybersecurity requirements the project. \nYou Will Be Able to: \n\nIdentify and document the scope of the IACS under assessment\nSpecify\, gather or generate the cybersecurity information required to perform the assessment\nIdentify or discover cybersecurity vulnerabilities inherent in the IACS products or system design\nOrganize and facilitate a cybersecurity risk assessment for an IACS\nIdentify and evaluate realistic threat scenarios\nIdentify gaps in existing policies\, procedures and standards\nEstablish and document security zones and conduits\nPrepare documentation of assessment results\n\nYou Will Cover: \n\nPreparing for an Assessment\nCybersecurity Vulnerability Assessment\nConducting Vulnerability Assessments\nCyber Risk Assessments\nConducting Cyber Risk Assessments\nDocumentation and Reporting\nAnd more…\n\nClassroom/Laboratory Exercises: \n\nCritiquing system architecture diagrams\nAsset Inventory\nGap Assessment\nWindows Vulnerability Assessment\nCapturing Ethernet Traffic\nPort Scanning\nUsing Vulnerability Scanning Tools\nPerform a high-level risk assessment\nCreating a zone & conduit diagram\nPerform a detailed cyber risk assessment\nCritiquing a cybersecurity requirements specification\n\nWho Should Attend: \n\nControl systems engineers and managers\nSystem Integrators\nIT engineers and managers industrial facilities\nIT corporate/security professionals\nPlant Safety and Risk Management\n\nRecommended Pre-Requisite: \nISA Course IC32 or equivalent knowledge/experience. \nRecommended Reading: \nCybersecurity Library
URL:https://www.houstonisa.org/event/assessing-the-cybersecurity-of-new-or-existing-iacs-systems-ic33/
LOCATION:AE Solutions\, 10375 Richmond Avenue\, Suite 800 Houston\, TX 77042 United States\, Houston\, TX\, 77042\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Jacqueline Buskop":MAILTO:jbuskop@wesleyan.edu
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20210503T080000
DTEND;TZID=America/Chicago:20210504T160000
DTSTAMP:20260527T173647
CREATED:20210415T052941Z
LAST-MODIFIED:20210415T055207Z
UID:10000015-1620028800-1620144000@www.houstonisa.org
SUMMARY:Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)
DESCRIPTION:Certification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course. \nCertificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \nUse Coupon code: HOUS2021 to receive discount of $200 off registration. \nDescription: \nThe move to using open standards such as Ethernet\, TCP/IP\, and web technologies in supervisory control and data acquisition (SCADA) and process control networks has begun to expose these systems to the same cyberattacks that have wreaked so much havoc on corporate information systems. This course provides a detailed look at how the ANSI/ISA99 standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. \nYou will be able to: \n\nDiscuss the principles behind creating an effective long term program security\nInterpret the ISA/IEC 62443 industrial security framework and apply them to your operation\nDefine the basics of risk and vulnerability analysis methodologies\nDescribe the principles of security policy development\nExplain the concepts of defense in depth and zone/conduit models of security\nAnalyze the current trends in industrial security incidents and methods hackers use to attack a system\nDefine the principles behind the key risk mitigation techniques\, including anti-virus and patch management\, firewalls\, and virtual private networks\n\nYou will cover: \n\nUnderstanding the Current Industrial Security Environment: What is Electronic Security for Industrial Automation and Control Systems? | How IT and the Plant Floor are Different and How They are the Same\nHow Cyberattacks Happen: Understanding the Threat Sources | The Steps to Successful Cyberattacks\nCreating A Security Program:  Critical Factors for Success/Understanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)- Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program\nRisk Analysis:  Business Rationale | Risk Identification\, Classification\, and Assessment\nAddressing Risk with Security Policy\, Organization\, and Awareness: Cyber Security Management System Scope | Organizational Security | Staff Training and Security Awareness\nAddressing Risk with Selected Security Counter Measures: Personnel Security | Physical and Environmental Security | Network Segmentation | Access Control\nAddressing Risk with Implementation Measures: Risk Management and Implementation | System Development and Maintenance | Information and Document Management\nMonitoring and Improving the CSMS: Compliance and Review | Improve and Maintain the CSMS\nValidating or Verifying the Security of Systems: What is being done? | Developing Secure Products and Systems\n\nClassroom/Laboratory Demo: \n\nPCAP Live Capture Analysis\n\nIncludes ISA Standards: \n\nANSI/ISA-62443-1-1 (ANSI/ISA-99.00.01-2007)\, Security for Industrial Automation and Control Systems Part 1: Terminology\, Concepts & Models\nANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)\, Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program\nANSI/ISA-62443-3-3\, Security for industrial automation and control systems: System security requirements and security levels\n\nRecommended Pre-Requisites: \nThere are no required prerequisites for taking this course; however\, it is highly recommended that applicants have at least one to three years of experience in the cybersecurity field with some experience in an industrial setting. \nISA Courses: TS06\, TS12\, or equivalent knowledge/experience would be beneficial. \nNote from the Instructor: One of the challenges I have had in teaching IC32 is students attending without any or limited knowledge of TS04\, TS06\, TS12 or cybersecurity general principles. IC32 is a 14-hour boot camp style class and there is not a lot of time to teach basic comms and cybersecurity. \nRecommended reading in preparation for course: \nCybersecurity Library \nWhich Security Level (SL) would have been required to prevent the attack? \nNot sure this particular course is for you? \nA pre-instructional survey is available for you to evaluate your level of understanding of the course material and to show you the types of questions you’ll be able to answer after completing the course.
URL:https://www.houstonisa.org/event/using-the-isa-iec-62443-standards-to-secure-your-control-systems-ic32/
LOCATION:AE Solutions\, 10375 Richmond Avenue\, Suite 800 Houston\, TX 77042 United States\, Houston\, TX\, 77042\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Jacqueline Buskop":MAILTO:jbuskop@wesleyan.edu
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20210125T080000
DTEND;TZID=America/Chicago:20210319T170000
DTSTAMP:20260527T173647
CREATED:20210122T085342Z
LAST-MODIFIED:20210122T085624Z
UID:10000017-1611561600-1616173200@www.houstonisa.org
SUMMARY:IC32E Using the ISA/IEC 62443 Standard to Secure Your Control Systems
DESCRIPTION:A detailed look at how the ISA/IEC 62443 (formerly ISA 99) Standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. The course explores the move to using open standards such as Ethernet\, TCP/IP\, and web technologies in SCADA and process control networks that has begun to expose these systems to the same cyber-attacks that have wreaked so much havoc on global government and corporate information systems. \nMake sure to use HOUS2020 for $200 discount!\nCertification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course. \nPart of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \n  \nISA’s CyberU online instructor-led training courses offer the benefit of a high quality ISA training course with the added advantage of studying at your own pace in the office\, at home\, or while traveling. \n  \nThis online course utilizes online training modules\, additional text materials\, online evaluations\, and e-mail discussions. Students will have access via email to an instructor and an opportunity to participate in live Q&A sessions with the instructor and other class participants. \n  \nThis CyberU course runs for eight (8) weeks. You will have access to twelve online modules for the web/audio sessions. Each module is between 20 to 60 minutes. Your course syllabus will guide you through the course modules and provide assignments and the schedule for the live Q&A sessions. \n  \nDescription \nA detailed look at how the ISA/IEC 62443 (formerly ISA 99) Standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. The course explores the move to using open standards such as Ethernet\, TCP/IP\, and web technologies in SCADA and process control networks that has begun to expose these systems to the same cyber-attacks that have wreaked so much havoc on global government and corporate information systems. \n  \nYou will be able to: \n\nDiscuss the need and importance for control system security\nLearn about current principles and best practices\nUnderstand the structure and content of the ISA 99 / IEC 62443 series of documents\nDiscuss the principles behind the creating an effective long term program security\nLearn the basics of risk analysis\, industrial networking and network security\nUnderstand the concepts of defense in depth and zones and conduits\nLearn how to apply key risk mitigation techniques such as anti-virus\, patch management\, firewalls and virtual private networks\nLearn how secure software development strategies can make systems inherently more secure\nLearn what is being done to validate or verify the security of systems\n\n  \nYou will cover: \n  \nModule 1: Using the ISA/IEC 62443 Standards to Secure Your Control Systems \nProvides a basic introduction to control system cyber security and the ISA/IEC 62443 standards. Discussion of trends\, regulations\, industry standards and best practices\, common myths\, the ISA 99 committee\, and the structure of the ISA 62443 standard. Topics include: Self-assessment of your Control Systems Security knowledge\, Trends in control system cybersecurity\, Potential Impacts\, Five common myths regarding IACS Security\, Regulations and Standards\, ISA99 committee work. \n  \nModule 2: Terminology\, Concepts\, Models and Metrics \nCovers the material in ISA 62443-1-1 (published as ISA-99.00.01:2007) that forms the basis for the ISA 62443 series of standards. Topics include: Difference between IT and IACS\, Security Objectives\, Defense-in-Depth\, Risk Assessment\, Policies\, Zones & Conduits\, Security Levels and the Security Lifecycle Models \n  \nModule 3: Threats and Vulnerabilities \nProvides a basic introduction to networking with a focus on the application of Ethernet in the industrial environment. Topics include: Types of networks\, OSI reference model\, Network Devices\, Network Protocols\, Network Tools built into Operating Systems. \n  \nModule 4: Industrial Networking Basics L1-L3 \nBuilds on the previous module and covers networking with a focus on the upper layers of the OSI reference model\, problems with the OSI model\, network discovery\, and security auditing tools in the industrial environment. Topics include: Encapsulating data\, OSI reference model\, Network Devices\, Network Protocols. \n  \nModule 5: Network Security Basics 101 \nProvides a basic introduction to network security. Topics include: Security Appliances\, Network Segmentation\, Encryption\, Secure Protocols and Intrusion Detection. Topics include: Why address security? Firewalls\, Network Segmentation Architectures\, Encryption\, Intrusion Detection\, Monitoring Network Traffic. \n  \nModule 6: Industrial Protocols \nCovers at a high level the structure and application of common industrial protocols such as MODBUS\, PROFIBUS\, OPC and CIP (EtherNet/IP). Topics include: What is a protocol? Multitude of Industrial Protocols\, Ports in use. \n  \nModule 7: Establishing an Industrial Automation and Control Systems Security Program \nCovers the material in ISA 62443-2-1 (published as ISA-99.02.01:2009) that specifies the elements and requirements of an IACS Cyber Security Management System (CSMS). Topics include: Six top level activities\, Common pitfalls\, Risk Analysis\, Security Policy\, Organization and Awareness\, Personnel security\, Physical & Environmental Security\, Network Segmentation\, Access Control\, Change Management\, Patch and Anti-virus management\, Information management\, Incident Response and Disaster Recover Planning\, Compliance Monitoring\, and Program Maintenance. \n  \nModule 8: Security Risk Assessment and System Design \nCovers Security Level definitions and Foundational Requirements that establish a basis for the requirements in scoping an IACS assessment\, establishing zones & conduits\, analyzing the security risk for each zone\, assigning a security level target to each zone and verifying the design satisfies the security level target. Topics include: Definitions\, Risk Equation\, Cyber Risk Reduction Factor\, Basic Security analysis tools\, Identification of Zones and Conduits. \n  \nModule 9: Intro to the IACS Cybersecurity Lifecycle \nShort jaunt into the Assess\, Develop & Implement and Maintain phases of the IACS Cybersecurity Lifecycle. These phases are covered more in depth in ISA’s IC33\, IC34 & IC37 courses. Topics include: Cyber Security Life Cycle diagram\, Phases\, Continuous processes. \n  \nModule 10: Security Program Requirements for IACS Service Providers \nCreating a secure product out of the box is only a small piece of the security puzzle. Asset Owners\, Integrators and Suppliers all have a role. This module covers how IEC 62443-2-4 specifies requirements IACS service providers can offer to the asset owner during integration and maintenance activities of an Automation Solution. Topics include: IACS Patching\, Asset Owner Requirements\, Product Supplier/Service Provider Requirements\, Malicious Code Protection. \n  \nModule 11: Developing Secure Products and Systems \nOverview of component tier Product Development Requirements and Technical Security Requirements for IACS that are Product supplier centric. Topics include: Component tier standards ISA-62443-4-1 & ISA-62443-4-2\, Primary & Secondary goals\, ISA 62443 relationships\, ISA Security Compliance Institute (ISCI)\, ISASecure™. \n  \nModule 12: Evolving Security Standards and Practices \nStandards are voluntary documents unless there is a requirement to use them. In this module\, we look at the continuously evolving industrial security regulatory landscape. The only constant is change! Topics include: Normative and Informative elements\, NIST Cyber Security Framework\, ISA-62443-2-1 requirement to monitor and evaluate applicable legislation relevant to cyber security\, Standards Development Organizations (SDOs). \n  \nCourse Materials (PDF format): \n\nIC32E v2.0 Course Syllabus\nIC32E v2.0 Noteset Volume I with sections on Course Presentation slides from course modules\, Instructional Surveys/Answers and Additional Resources\nIC32E v2.0 Noteset Volume II with the following three publications\nANSI / ISA 99.00.01-2007 / IEC 62443-1-1: Security for Industrial Automation and Control Systems Part 1: Terminology\, Concepts\, and Models (Approved 29 October 2007)\nANSI / ISA 99.00.02-2009 / IEC 62443-2-1: Security for Industrial Automation and Control Systems Part 2: Establishing an Industrial Automation and Control System Security Program\nISA-62443.03.03 / IEC 62443-3-3: Security for Industrial Automation and Control Systems: System Security Requirements and Security Assurance Levels\nTextbook: Industrial Automation by Ronald L. Krutz (Second Edition)\n\n  \nFeatures of ISA CyberU online course: \nOnline Pre-recorded Course Modules \nYour instructor has pre-recorded each course module so that you can access the course presentations on your schedule. Each module is a web/audio session that takes approximately 20 – 60 minutes. \n  \nAsk the Expert \nInteract with your expert instructor via email throughout the course and through scheduled live Q&A sessions. You can expect a reply to your email within 24 hours. This email address is active during the entire course duration. \nThe Q&A sessions provide an opportunity for you and your classmates to speak one-on-one with the instructor. You will have an opportunity to ask any questions you may have about the course material and interact with your fellow classmates. \n  \nClass Discussions \nYou will be invited to subscribe to a course listserve that includes course participants. You can use this listserve to post questions and share experience relevant to the course with other class members. \n  \nCourse Assignments and Exams \n\nTake the course pre-test before you begin studying the course material to get a better understanding of areas that you will want to focus on more during the course.\nHomework assignments for all modules will be indicated on the syllabus. The homework assignments are designed to help expand your understanding of the course material.\nComplete the final exam for the course in order to receive Continuing Education Units (CEU) credit. The final exam will be taken and scored online. You must receive at least 80% on the course exam to receive CEU credit. (Note this exam is not the ISA/IEC 62443 Cybersecurity Fundamentals Specialist Exam)\n\nRecommended Reading: \nCybersecurity Library \n  \nNot sure this particular course is for you? \nA pre-instructional survey is available for you to evaluate your level of understanding of the course material and to show you the types of questions you’ll be able to answer after completing the course.
URL:https://www.houstonisa.org/event/ic32e-using-the-isa-iec-62443-standard-to-secure-your-control-systems/
LOCATION:TX
CATEGORIES:Training,Cyber-Security
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20210122T080000
DTEND;TZID=America/Chicago:20210122T170000
DTSTAMP:20260527T173647
CREATED:20210122T085822Z
LAST-MODIFIED:20210122T091252Z
UID:10000018-1611302400-1611334800@www.houstonisa.org
SUMMARY:IC33E Assessing the Cybersecurity of New or Existing IACS Systems
DESCRIPTION:  \n\n\n\n\n\n\n\nAssessing the Cybersecurity of New or Existing IACS Systems (IC33E) is an online course which will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a cybersecurity requirements specification that can be used to document the cybersecurity requirements of the project. This course is a blended learning format which includes interactive\, on-demand modules\, weekly assignments and instructor call-in sessions. Modules include instructional content\, interactive reviews\, video lab demonstrations conducted by an ISA Cybersecurity instructor and assessments. \nMake sure to use HOUS2020 for $200 discount!\n\n\nCertification of Completion:A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course. \nCertificate Program:Part of the ISA/IEC 62443 Cybersecurity Certificate Program \nYour course registration includes your registration for the exam. \n  \n\nISA’s CyberU online instructor-led training courses offer the benefit of a high-quality ISA training course with the added advantage of studying at your own pace in the office\, at home\, or while traveling.\nThis online course utilizes online training modules\, additional text materials\, online evaluations\, and e-mail discussions. Students will have access via email to an instructor and an opportunity to participate in live Q&A sessions with the instructor and other class participants.\nThis CyberU course runs for seven (7) weeks. You will have access to six online modules for the modular sessions. Each module is between 20 to 90 minutes. Your course syllabus will guide you through the course modules and provide assignments and the schedule for the live Q&A sessions.\n\n  \nDescription \nAssessing the Cybersecurity of New or Existing IACS Systems (IC33E) is an online course which will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a cybersecurity requirements specification that can be used to document the cybersecurity requirements of the project. This course is a blended learning format which includes interactive\, on-demand modules\, weekly assignments and instructor call-in sessions. Modules include instructional content\, interactive reviews\, video lab demonstrations conducted by an ISA Cybersecurity instructor and assessments. \n  \nYou will be able to: \n\nDiscuss the need and importance for control system security\nLearn about current principles and best practices\nUnderstand the structure and content of the ISA 99 / IEC 62443 series of documents\nDiscuss the principles behind the creating an effective long term program security\nLearn the basics of risk analysis\, industrial networking and network security\nUnderstand the concepts of defense in depth and zones and conduits\nLearn how to apply key risk mitigation techniques such as anti-virus\, patch management\, firewalls and virtual private networks\nLearn how secure software development strategies can make systems inherently more secure\nLearn what is being done to validate or verify the security of systems\n\n  \nYou will cover: \n\nPreparing for an Assessment\nCybersecurity Vulnerability Assessment\nConducting Vulnerability Assessments\nCyber Risk Assessments\nConducting Cyber Risk Assessments\nDocumentation and Reporting\nAnd more…\n\n  \nYou will be able to: \n\nIdentify and document the scope of the IACS under assessment\nSpecify\, gather or generate the cybersecurity information required to perform the assessment\nIdentify or discover cybersecurity vulnerabilities inherent in the IACS products or system design\nOrganize and facilitate a cybersecurity risk assessment for an IACS\nIdentify and evaluate realistic threat scenarios\nIdentify gaps in existing policies\, procedures and standards\nEstablish and document security zones and conduits\nPrepare documentation of assessment results\n\n  \nLab demonstrations: (Included in modules) \n\nCritiquing System Architecture Diagrams\nAsset Inventory\nGap Assessment\nWindows Vulnerability Assessment\nCapturing Ethernet Traffic\nPort Scanning\nWindows Vulnerability Scanning\nPerform a High-Level Cybersecurity Risk Assessment\nCreating a Zone & Conduit Diagram\nPerform a Detailed Cyber Risk Assessment\nRisk Assessment Report\n\n  \nWho should attend: \n\nControl systems engineers and managers\nSystem Integrators\nIT engineers and managers industrial facilities\nIT corporate/security professionals\nPlant Safety and Risk Management\n\n  \nRecommended Pre-Requisite: \nISA Course IC32\, IC32E or equivalent knowledge/experience. \n  \nWhat is included: \n\nOn-demand modules with video lab demonstrations included\n\nModule 1: Preparing for an Assessment (Approx. 95 minutes)\nModule 2: Cybersecurity Vulnerability Assessment (Approx. 35 minutes)\nModule 3: Conducting Vulnerability Assessments (Approx. 102 minutes)\nModule 4: Cyber Risk Assessments (Approx. 69 minutes)\nModule 5: Conducting Cyber Risk Assessments (Approx. 80 minutes)\nModule 6: Documentation (Approx. 15 minutes)\n\n\nA viewable version of ISA standards for course reference\n\nISA/IEC 62443-1-1\nISA/IEC 62443-2-1\nISA/IEC 62443-3-3\nISA/IEC 62443-2 (draft version)\n\n\nISA’s Cybersecurity Assessment Challenge – a Jeopardy-style review game which can be used as a review for the certification exam (Free Add-On)\nExam registration for ISA/IEC 62443 Cybersecurity Risk Assessment Specialist\nCourse Note Set and Syllabus\n\nRecommended Reading: \nCybersecurity Library \n  \nNot sure this particular course is for you? \nA pre-instructional survey is available for you to evaluate your level of understanding of the course material and to show you the types of questions you’ll be able to answer after completing the course. \n\n\n\n\n\n\n\n\n\n\n  \n\n\n\n\nInternational Society of Automation\n67 T.W. Alexander Drive\nPO Box 12277\nResearch Triangle Park\, NC 27709\nE-Mail: info@isa.org\nPhone: (919) 549-8411\nFax: (919) 549-8288\n\n\n\n\nAbout\nContact\nDo Not Sell My Info – CA Residents Only\nPrivacy Policy\nTerms & Conditions\n\n\n© 2020 International Society of Automation \n\n\n\n\n\nFacebook\n\n\nInstagram\n\n\nLinkedIn\n\n\nPinterest\n\n\nTwitter
URL:https://www.houstonisa.org/event/ic33e-assessing-the-cybersecurity-of-new-or-existing-iacs-systems/
LOCATION:TX
CATEGORIES:Training,Cyber-Security
END:VEVENT
BEGIN:VEVENT
DTSTART;VALUE=DATE:20201101
DTEND;VALUE=DATE:20201221
DTSTAMP:20260527T173647
CREATED:20200903T161049Z
LAST-MODIFIED:20200903T161049Z
UID:10000064-1604188800-1608508799@www.houstonisa.org
SUMMARY:IC33E Assessing the Cybersecurity of New or Existing IACS Systems  E-Course (November)
DESCRIPTION:Dates:  Self Paced \nLength: Six (6)  online modules running for 7 weeks.  Each module is 20-90 minutes each. \nCEU Credits: 1.4 \nDescription: Part of the ISA/IEC 62443 Cybersecurity Certificate Program.  Assessing the Cybersecurity of New or Existing IACS Systems (IC33E) is an online course which will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a cybersecurity requirements specification that can be used to document the cybersecurity requirements of the project. \nAn online course which will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a cybersecurity requirements specification that can be used to document the cybersecurity requirements of the project.  This course is a blended learning format which includes interactive\, on-demand modules\, weekly assignments and instructor call-in sessions.  Modules include instructional content\, interactive reviews\, video lab demonstrations conducted by an ISA Cybersecurity instructor and assessments. \n  \nMake sure to use HOUS2020 for $200 discount!\n  \nCertificate Program (if available) Part of the ISA/IEC 62443 Cybersecurity Certificate Program: After successfully completing all eight modules\, students may take the exam for ISA/IEC 62443 Cybersecurity Design Specialist  Exam is included in the Full Course Bundle but must be purchased separately if modules are purchased separately. \nYou will be able to:  \n\n Identify and document the scope of the IACS under assessment\nSpecify\, gather or generate the cybersecurity information required to perform the assessment\nIdentify or discover cybersecurity vulnerabilities inherent in the IACS products or system design\nOrganize and facilitate a cybersecurity risk assessment for an IACS\nIdentify and evaluate realistic threat scenarios\nIdentify gaps in existing policies\, procedures and standards\nEstablish and document security zones and conduits\nPrepare documentation of assessment results\n\nYou will cover:  \n\nPreparing for an Assessment\nCybersecurity Vulnerability Assessment\nConducting Vulnerability Assessments\nCyber Risk Assessments\nConducting Cyber Risk Assessments\nDocumentation and Reporting\nAnd more…\n\nLab Demonstrations (Included in the Modules): \n\nCritiquing System Architecture Diagrams\nAsset Inventory\nGap Assessment\nWindows Vulnerability Assessment\nCapturing Ethernet Traffic\nPort Scanning\nWindows Vulnerability Scanning\nPerform a High-Level Cybersecurity Risk Assessment\nCreating a Zone & Conduit Diagram\nPerform a Detailed Cyber Risk Assessment\n\nRisk Assessment Report
URL:https://www.houstonisa.org/event/ic33e-assessing-the-cybersecurity-of-new-or-existing-iacs-systems-e-course-november/
LOCATION:TX
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Jacqueline Buskop":MAILTO:jbuskop@wesleyan.edu
END:VEVENT
BEGIN:VEVENT
DTSTART;VALUE=DATE:20201006
DTEND;VALUE=DATE:20201007
DTSTAMP:20260527T173647
CREATED:20200819T015135Z
LAST-MODIFIED:20200903T161017Z
UID:10000061-1601942400-1602028799@www.houstonisa.org
SUMMARY:IC33M Assessing the Cybersecurity or New or Existing IACS Systems (M-Course)
DESCRIPTION:Dates: Self-paced \nLength: Six 30-45 Modules \nCEU Credits: 0.6 \nLocation: Online  \nDescription: First Phase of the  of the ISA/IEC 62443 Cybersecurity Certificate Program: After successfully completing all six modules\, students may take the exam for ISA/IEC 62443 Cybersecurity Risk Assessment Specialist. Exam fee is included in full course purchase price \nCertificate Program (if available) ISA/IEC 62443 Cybersecurity Certificate Program: \n  \n Make sure to use HOUS2020 for $200 discount!\n  \nYou will be able to:   \n\nIdentify and document the scope of the IACS under assessment\nSpecify\, gather or generate the cybersecurity information required to perform the assessment\nIdentify or discover cybersecurity vulnerabilities inherent in the IACS products or system design\nOrganize and facilitate a cybersecurity risk assessment for an IACS\nIdentify and evaluate realistic threat scenarios\nIdentify gaps in existing policies\, procedures and standards\nEstablish and document security zones and conduits\nPrepare documentation of assessment results\n\nYou will cover:  \n\nPreparing for an Assessment: Security Life Cycle | Scope | System Architecture Diagrams | Network Diagrams | Asset Inventory | Cyber Criticality Assessment\nCybersecurity Vulnerability Assessment: Risk | Types of Cybersecurity Vulnerability Assessments | Gap Assessments | Passive and Active Assessments | Penetration Testing | Conducting Gap Assessments | Gap Assessment Tools | CSET\nConducting Vulnerability Assessments: Vulnerability Process | Pre-assessment | Standards | Research | Kick Off and Walk Thru | Passive Data Collection | Active Data Collection | Penetration Testing\nCyber Risk Assessments: Understanding Risk | ISA 62443-2-1 | SuC | Conduct High-level Risk Assessment | Consequence Scale | Establish Zones and Conduits | Zone and Conduit Drawings and Documentation | Document Cybersecurity Requirements\nConducting Cyber Risk Assessments: Detailed Cyber Risk Assessment Process | Threats | Vulnerabilities | Consequences | Likelihood | Calculate Risk | Security Levels | Countermeasures | Residual Risk | Documentation\nDocumentation and Reporting: Document to Maintain | Required Reports | Zone and Conduit Diagrams | Cybersecurity Requirements Specification (CRS)\n\n  \nFor more information and to register online: 
URL:https://www.houstonisa.org/event/ic33m-assessing-the-cybersecurity-or-new-or-existing-iacs-systems-m-course/
LOCATION:TX
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Jacqueline Buskop":MAILTO:jbuskop@wesleyan.edu
END:VEVENT
BEGIN:VEVENT
DTSTART;VALUE=DATE:20201005
DTEND;VALUE=DATE:20201006
DTSTAMP:20260527T173647
CREATED:20200903T161041Z
LAST-MODIFIED:20200911T084617Z
UID:10000093-1601856000-1601942399@www.houstonisa.org
SUMMARY:IC37M IACS Cybersecurity Operations & Maintenance (M-Course)
DESCRIPTION:Dates: Self-paced \nLength :  5 Modules (Approximately 5 Hours) \nCEU Credits: 0.5 \nLocation: Online \nDescription:   Part of the ISA’s Cybersecurity Certificate Program The third phase in the IACS Cybersecurity Lifecycle (defined in ISA/IEC 62443-1-1) focuses on the activities associated with the ongoing operations and maintenance of IACS cybersecurity. This involves network diagnostics and troubleshooting\, security monitoring and incident response\, and maintenance of cybersecurity countermeasures implemented in the Design & Implementation phase. This phase also includes security management of change\, backup and recovery procedures and periodic cybersecurity audits. This course will provide students with the information and skills to detect and troubleshoot potential cybersecurity events as well as the skills to maintain the security level of an operating system throughout its lifecycle despite the challenges of an ever-changing threat environment. \n  \nMake sure to use HOUS2020 for $200 discount!\n  \nModule 1: Review of Assess Phase\nModule 2: Review of Design Phase\nModule 3: Security Management & Maintenance\nModule 4: Security Monitoring & Detection\nModule 5: Incident Response & Recovery \nCertificate Program (if available) Part of the ISA/IEC 62443 Cybersecurity Certificate Program.  After successfully completing the course\, students should call ISA Customer Service at +1 919-549-8411 to request their Eligibility code for Cybersecurity Certificate 4 Exam.  Once this code is issued\, students may schedule to take the exam with Prometrics.  Exam fee is included in course price. \nYou will be able to:    \n\nPerform basic network diagnostics and troubleshooting\nInterpret the results of IACS device diagnostic alarms and event logs\nDevelop and follow IACS backup and restoration procedure\nUnderstand the IACS patch management lifecycle\nDevelop and follow an IACS patch management procedure\nDevelop and follow an antivirus management procedure\nDefine the basics of application control and whitelisting tools\nDefine the basics of network and host intrusion detection\nDefine the basics of security incident and event monitoring tools\nDevelop and follow an incident response plan\nDevelop and follow an IACS management of change procedure\nConduct a basic IACS cybersecurity audit\n\nYou will cover:  \n\nICS Cybersecurity Lifecycle\nSecurity Management & Maintenance\nSecurity Monitoring & Detection\nIACS Incident Response & Recovery\n\n  \nLab demonstrations: (Included in modules) \n\nNetwork diagnostics and troubleshooting\nIntrusion detection alarm\nEvent monitoring\nConfiguration management\nPatch management\nAnti-virus management\nWhitelisting\nVulnerability scanning tools\nIncident response\n\n 
URL:https://www.houstonisa.org/event/ic37m-iacs-cybersecurity-operations-maintenance-m-course-2/
LOCATION:TX
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Jacqueline Buskop":MAILTO:jbuskop@wesleyan.edu
END:VEVENT
BEGIN:VEVENT
DTSTART;VALUE=DATE:20201004
DTEND;VALUE=DATE:20201005
DTSTAMP:20260527T173647
CREATED:20200903T161037Z
LAST-MODIFIED:20200903T161037Z
UID:10000090-1601769600-1601855999@www.houstonisa.org
SUMMARY:IC34M IACS Cybersecurity Design & Implementation (M-Course)
DESCRIPTION:Dates: Self-paced \nLength: Dates/Length: Eight Modules (10-30 minutes each) \nCEU Credits: 1.4 Credits \nLocation: Online \nDescription: The second phase in the IACS Cybersecurity Lifecycle (defined in ISA 62443-1-1) focuses on the activities associated with the design and implementation of IACS cybersecurity countermeasures. This involves the selection of appropriate countermeasures based upon their security level capability and the nature of the threats and vulnerabilities identified in the Assess phase. This phase also includes cybersecurity acceptance testing of the integrated solution\, in order to validate countermeasures are properly implemented and that the IACS has achieved the target security level \nThis course will provide students with the information and skills to select and implement cybersecurity countermeasures for a new or existing IACS in order to achieve the target security level assigned to each IACS zone or conduit. Additionally\, students will learn how to develop and execute test plans to verify that the cybersecurity of an IACS solution has properly satisfied the objectives in the cybersecurity requirements specification. \n  \nMake sure to use HOUS2020 for $200 discount!\n  \nCertificate Program (if available) Part of the ISA/IEC 62443 Cybersecurity Certificate Program: After successfully completing all eight modules\, students may take the exam for ISA/IEC 62443 Cybersecurity Design Specialist  Exam is included in the Full Course Bundle but must be purchased separately if modules are purchased separately. \nModules included:\nModule 1: Assessment Overview\nModule 2: Conceptual Design\nModule 3  Detailed DesignModule 4: Firewalls\nModule 5: Intrusion Detection Systems\nModule 6: Intrusion Detection Systems (Cont;d_ \nModule 7: Access Control \nModule 8: Cybersecurity Acceptance Testing  \n  \nYou will cover: \nReview the ICS Cybersecurity Lifecycle \n\nAssessment phase\nImplementation phase\nMaintenance phase\n\nConceptual Design Process \n\nInterpreting risk assessment results\nCybersecurity requirements specifications\nDeveloping a conceptual design\nConceptual design specification\n\nDetailed Design Process \n\nSecurity Development Lifecycle (SDL)\nTypes of technology\nSelecting appropriate technology\nDeveloping a detailed design\nDocumenting the design/specification\n\nDesign & Implementation Examples \n\nFirewall design example\nRemote access design example\nSystem hardening design example\nIntrusion detection design example\n\nTesting \n\nDeveloping test plans\nCybersecurity Factory Acceptance Testing\n\nCybersecurity Site Acceptance Testing
URL:https://www.houstonisa.org/event/ic34m-iacs-cybersecurity-design-implementation-m-course/
LOCATION:TX
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Jacqueline Buskop":MAILTO:jbuskop@wesleyan.edu
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20200903T080000
DTEND;TZID=America/Chicago:20200930T170000
DTSTAMP:20260527T173647
CREATED:20200903T161026Z
LAST-MODIFIED:20200903T161026Z
UID:10000085-1599120000-1601485200@www.houstonisa.org
SUMMARY:IC32M  Using the ISA/IEC 62443 Standard to Secure Your Control Systems M-Course
DESCRIPTION:Dates: Self-paced \nLength:  : 12 Modules of Varying Length \nCEU Credits:  1.0 \nLocation: Online \nDescription: This is a self-paced\, online course consisting of 12 modules which take a detailed look at how the ISA/IEC 62443 (formerly ISA 99) Standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. The course explores the move to using open standards such as Ethernet\, TCP/IP\, and web technologies in SCADA and process control networks that has begun to expose these systems to the same cyber-attacks that have wreaked so much havoc on global government and corporate information systems \n  \nMake sure to use HOUS2020 for $200 discount!\n  \nCertificate Program (if available) Part of the ISA/IEC 62443 Cybersecurity Certificate Program. After successfully completing all twelve modules\, students may take the exam for ISA/IEC 62443 Cybersecurity Fundamentals Specialist. Exam fee is included with course purchase. \nYou will be able to:   \n\nDiscuss the principles behind creating an effective long term program security\nInterpret the ISA/IEC 62443 industrial security framework and apply them to your operation\nDefine the basics of risk and vulnerability analysis methodologies\nDescribe the principles of security policy development\nExplain the concepts of defense in depth and zone/conduit models of security\nAnalyze the current trends in industrial security incidents and methods hackers use to attack a system\nDefine the principles behind the key risk mitigation techniques\, including anti-virus and patch management\, firewalls\, and virtual private networks\n\n  \nYou will cover:  \n\nUnderstanding the Current Industrial Security Environment: What is Electronic Security for Industrial Automation and Control Systems? | How IT and the Plant Floor are Different and How They are the Same\nHow Cyberattacks Happen: Understanding the Threat Sources | The Steps to Successful Cyberattacks\nCreating A Security Program:  Critical Factors for Success/Understanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)- Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program\nRisk Analysis:  Business Rationale | Risk Identification\, Classification\, and Assessment\nAddressing Risk with Security Policy\, Organization\, and Awareness: Cyber Security Management System Scope | Organizational Security | Staff Training and Security Awareness\nAddressing Risk with Selected Security Counter Measures: Personnel Security | Physical and Environmental Security | Network Segmentation | Access Control\nAddressing Risk with Implementation Measures: Risk Management and Implementation | System Development and Maintenance | Information and Document Management\nMonitoring and Improving the CSMS: Compliance and Review | Improve and Maintain the CSMS\nValidating or Verifying the Security of Systems: What is being done? | Developing Secure Products and Systems\n\nLaboratory Demo: \nPCAP Live Capture Analysis
URL:https://www.houstonisa.org/event/ic32m-using-the-isa-iec-62443-standard-to-secure-your-control-systems-m-course/
LOCATION:TX
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Jacqueline Buskop":MAILTO:jbuskop@wesleyan.edu
END:VEVENT
BEGIN:VEVENT
DTSTART;VALUE=DATE:20200903
DTEND;VALUE=DATE:20201201
DTSTAMP:20260527T173647
CREATED:20200903T161033Z
LAST-MODIFIED:20200911T212155Z
UID:10000088-1599091200-1606780799@www.houstonisa.org
SUMMARY:IC32E Using the ISA/IEC 62443 Standard to Secure Your Control Systems E-Course
DESCRIPTION:Course Hours: Online Course – Refer to Syllabus\nCertification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course.Part of the ISA/IEC 62443 Cybersecurity Certificate Program\nYour course registration includes your registration for the exam.\n\n\n\n\nISA’s CyberU online instructor-led training courses offer the benefit of a high quality ISA training course with the added advantage of studying at your own pace in the office\, at home\, or while traveling. \nThis online course utilizes online training modules\, additional text materials\, online evaluations\, and e-mail discussions. Students will have access via email to an instructor and an opportunity to participate in live Q&A sessions with the instructor and other class participants. \nThis CyberU course runs for eight (8) weeks. You will have access to twelve online modules for the web/audio sessions. Each module is between 20 to 60 minutes. Your course syllabus will guide you through the course modules and provide assignments and the schedule for the live Q&A sessions. \n  \nMake sure to use HOUS2020 for $200 discount\n  \nDescription\n  \nA detailed look at how the ISA/IEC 62443 (formerly ISA 99) Standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments.  The course explores the move to using open standards such as Ethernet\, TCP/IP\, and web technologies in SCADA and process control networks that has begun to expose these systems to the same cyber-attacks that have wreaked so much havoc on global government and corporate information systems. \n  \nYou will be able to:\n\nDiscuss the need and importance for control system security\nLearn about current principles and best practices\nUnderstand the structure and content of the ISA 99 / IEC 62443 series of documents\nDiscuss the principles behind the creating an effective long term program security\nLearn the basics of risk analysis\, industrial networking and network security\nUnderstand the concepts of defense in depth and zones and conduits\nLearn how to apply key risk mitigation techniques such as anti-virus\, patch management\, firewalls and virtual private networks\nLearn how secure software development strategies can make systems inherently more secure\nLearn what is being done to validate or verify the security of systems\n\n  \nYou will cover:\n  \nModule 1: Using the ISA/IEC 62443 Standards to Secure Your Control Systems\nProvides a basic introduction to control system cyber security and the ISA/IEC 62443 standards.  Discussion of trends\, regulations\, industry standards and best practices\, common myths\, the ISA 99 committee\, and the structure of the ISA 62443 standard.  Topics include:  Self-assessment of your Control Systems Security knowledge\, Trends in control system cybersecurity\, Potential Impacts\, Five common myths regarding IACS Security\, Regulations and Standards\, ISA99 committee work. \nModule 2: Terminology\, Concepts\, Models and Metrics\nCovers the material in ISA 62443-1-1 (published as ISA-99.00.01:2007) that forms the basis for the ISA 62443 series of standards.  Topics include: Difference between IT and IACS\, Security Objectives\, Defense-in-Depth\, Risk Assessment\, Policies\, Zones & Conduits\, Security Levels and the Security Lifecycle Models \nModule 3: Threats and Vulnerabilities\nProvides a basic introduction to networking with a focus on the application of Ethernet in the industrial environment.  Topics include: Types of networks\, OSI reference model\, Network Devices\, Network Protocols\, Network Tools built into Operating Systems. \nModule 4: Industrial Networking Basics L1-L3\nBuilds on the previous module and covers networking with a focus on the upper layers of the OSI reference model\, problems with the OSI model\, network discovery\, and security auditing tools in the industrial environment.  Topics include: Encapsulating data\, OSI reference model\, Network Devices\, Network Protocols. \nModule 5: Network Security Basics 101\nProvides a basic introduction to network security.  Topics include: Security Appliances\, Network Segmentation\, Encryption\, Secure Protocols and Intrusion Detection.  Topics include:  Why address security? Firewalls\, Network Segmentation Architectures\, Encryption\, Intrusion Detection\, Monitoring Network Traffic. \nModule 6: Industrial Protocols\nCovers at a high level the structure and application of common industrial protocols such as MODBUS\, PROFIBUS\, OPC and CIP (EtherNet/IP).  Topics include:  What is a protocol?  Multitude of Industrial Protocols\, Ports in use. \nModule 7: Establishing an Industrial Automation and Control Systems Security Program\nCovers the material in ISA 62443-2-1 (published as ISA-99.02.01:2009) that specifies the elements and requirements of an IACS Cyber Security Management System (CSMS).  Topics include: Six top level activities\, Common pitfalls\, Risk Analysis\, Security Policy\, Organization and Awareness\, Personnel security\, Physical & Environmental Security\, Network Segmentation\, Access Control\, Change Management\, Patch and Anti-virus management\, Information management\, Incident Response and Disaster Recover Planning\, Compliance Monitoring\, and Program Maintenance. \nModule 8: Security Risk Assessment and System Design\nCovers Security Level definitions and Foundational Requirements that establish a basis for the requirements in scoping an IACS assessment\, establishing zones & conduits\, analyzing the security risk for each zone\, assigning a security level target to each zone and verifying the design satisfies the security level target.  Topics include:  Definitions\, Risk Equation\, Cyber Risk Reduction Factor\, Basic Security analysis tools\, Identification of Zones and Conduits. \nModule 9: Intro to the IACS Cybersecurity Lifecycle\nShort jaunt into the Assess\, Develop & Implement and Maintain phases of the IACS Cybersecurity Lifecycle.  These phases are covered more in depth in ISA’s IC33\, IC34 & IC37 courses.  Topics include:  Cyber Security Life Cycle diagram\, Phases\, Continuous processes. \nModule 10: Security Program Requirements for IACS Service Providers\nCreating a secure product out of the box is only a small piece of the security puzzle.  Asset Owners\, Integrators and Suppliers all have a role.  This module covers how IEC 62443-2-4 specifies requirements IACS service providers can offer to the asset owner during integration and maintenance activities of an Automation Solution.  Topics include:  IACS Patching\, Asset Owner Requirements\, Product Supplier/Service Provider Requirements\, Malicious Code Protection. \nModule 11: Developing Secure Products and Systems\nOverview of component tier Product Development Requirements and Technical Security Requirements for IACS that are Product supplier centric.  Topics include:  Component tier standards ISA-62443-4-1 & ISA-62443-4-2\, Primary & Secondary goals\, ISA 62443 relationships\, ISA Security Compliance Institute (ISCI)\, ISASecure™. \nModule 12: Evolving Security Standards and Practices\nStandards are voluntary documents unless there is a requirement to use them.  In this module\, we look at the continuously evolving industrial security regulatory landscape.  The only constant is change!  Topics include:  Normative and Informative elements\, NIST Cyber Security Framework\, ISA-62443-2-1 requirement to monitor and evaluate applicable legislation relevant to cyber security\, Standards Development Organizations (SDOs). \nCourse Materials (PDF format):\n\nIC32E v2.0 Course Syllabus\nIC32E v2.0 Noteset Volume I with sections on Course Presentation slides from course modules\, Instructional Surveys/Answers and Additional Resources\nIC32E v2.0 Noteset Volume II with the following three publications\nANSI / ISA 99.00.01-2007 / IEC 62443-1-1: Security for Industrial Automation and Control Systems Part 1: Terminology\, Concepts\, and Models (Approved 29 October 2007)\nANSI / ISA 99.00.02-2009 / IEC 62443-2-1: Security for Industrial Automation and Control Systems Part 2: Establishing an Industrial Automation and Control System Security Program\nISA-62443.03.03 / IEC 62443-3-3: Security for Industrial Automation and Control Systems: System Security Requirements and Security Assurance Levels\nTextbook: Industrial Automation by Ronald L. Krutz (Second Edition)\n\n  \nFeatures of ISA CyberU online course:\nOnline Pre-recorded Course Modules\nYour instructor has pre-recorded each course module so that you can access the course presentations on your schedule. Each module is a web/audio session that takes approximately 20 – 60 minutes. \nAsk the Expert\nInteract with your expert instructor via email throughout the course and through scheduled live Q&A sessions. You can expect a reply to your email within 24 hours. This email address is active during the entire course duration. \nThe Q&A sessions provide an opportunity for you and your classmates to speak one-on-one with the instructor. You will have an opportunity to ask any questions you may have about the course material and interact with your fellow classmates. \nClass Discussions\nYou will be invited to subscribe to a course listserve that includes course participants. You can use this listserve to post questions and share experience relevant to the course with other class members. \nCourse Assignments and Exams\n\nTake the course pre-test before you begin studying the course material to get a better understanding of areas that you will want to focus on more during the course.\nHomework assignments for all modules will be indicated on the syllabus. The homework assignments are designed to help expand your understanding of the course material.\nComplete the final exam for the course in order to receive Continuing Education Units (CEU) credit. The final exam will be taken and scored online. You must receive at least 80% on the course exam to receive CEU credit. (Note this exam is not the ISA/IEC 62443 Cybersecurity Fundamentals Specialist Exam)
URL:https://www.houstonisa.org/event/ic32e-using-the-isa-iec-62443-standard-to-secure-your-control-systems-september-october-e-course/
LOCATION:TX
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Jacqueline Buskop":MAILTO:jbuskop@wesleyan.edu
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20200624T080000
DTEND;TZID=America/Chicago:20200625T160000
DTSTAMP:20260527T173647
CREATED:20200209T221651Z
LAST-MODIFIED:20200523T065759Z
UID:10000092-1592985600-1593100800@www.houstonisa.org
SUMMARY:EC54 - Advanced Design & SIL Verification (June 2020)
DESCRIPTION:Location: \nKenexis\n15995 N Barkers Lndg Rd Ste 143 Houston\, TX 77079-2418 \nDate: \nJune 24-25\, 2020 \nCourse Hours: 8:00 a.m.-4:00 p.m. \nDescription:\nThis course focuses on more detailed design issues and further hands-on examples of system analysis/modeling. Students will be better able to perform system design and analysis thus saving their companies time and money in optimizing system designs. This course will enable you to analyze any system technology and configuration to see if it will meet the required SIL (Safety Integrity Level) and determine if existing systems are safe enough\, if they need to be upgraded\, and whether proposed systems will meet the performance requirements. You will also be able to determine the optimum manual test interval for any system\, saving your company time and money by not over- or under-testing systems. \nCertificate Program: This course is required for the ISA84 Safety Instrumented Systems Certificate Program 3. You can register for the course only or for the certificate program which includes course and exam. ISA Course Safety Instrumented Systems-Design\, Analysis\, and Justification (EC50) or Safety Instrumented Systems: Design\, Analysis\, and Justification (EC50E) and ISA Certificate Safety Instrumented Systems Certificate Program 1 are prerequisites for Certificate Program 3. Those who successfully complete this course and pass the certificate program exam receive the designation of ISA84 SIL Verification Specialist. \nYou will be able to:\n\nAnalyze any system technology and configuration to see if it will meet the required SIL (Safety Integrity Level)\nDetermine if existing systems are safe enough (or whether they need to be upgraded) and whether proposed systems will meet the performance requirements\nDetermine the optimum manual test interval for any system\, saving your company time and money by not over or under-testing systems\n\nYou will cover:\n\nSystem Modeling/Analysis Hands-On Advanced Examples: Multiple Examples with Different Field Device Technologies | Configurations | Diagnostic Levels | Test Intervals | Common Cause Factors | Imperfect Manual Testing\nDetailed Design Topics: Fault Tolerance | Safe Failure Fraction | Diagnostic Coverage | Confidence Limits | System Response to Faults | Using Devices for Control and Safety | Non-Fail-Safe Design Requirements | Interface Requirements\n\n For more information and to register online: \nhttps://www.isa.org/events-conferences/events-calendar/event-details/?productId=66344142
URL:https://www.houstonisa.org/event/ec54-advanced-design-sil-verification-2/
LOCATION:Kenexis\, 15995 N Barkers Lndg Rd Ste 143 Houston\, TX 77079-2418\, Houston\, TX\, 77079-2418\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Magda Moreno":MAILTO:magda.moreno.v@outlook.com
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20200622T080000
DTEND;TZID=America/Chicago:20200623T160000
DTSTAMP:20260527T173647
CREATED:20200209T221528Z
LAST-MODIFIED:20200523T065751Z
UID:10000094-1592812800-1592928000@www.houstonisa.org
SUMMARY:EC52 - Advanced Safety Integrity Level (SIL) Selection (June 2020)
DESCRIPTION:Location: \nKenexis\n15995 N Barkers Lndg Rd Ste 143 Houston\, TX 77079-2418 \nDate: \nJune 22-23\, 2020 \nCourse Hours: 8:00 a.m.-4:00 p.m. \nDescription:\nThis course focuses on further hands-on examples of Safety Integrity Level (SIL) selection using a variety of different techniques and providing more insight into the factors that determine risk reduction requirements. Students will be better able to save their companies time and money through the optimization of system performance requirements. This builds upon the foundation set in ISA’s EC50 (Safety Instrumented Systems-Design\, Analysis\, and Justification). \nCertificate Program: This course is required for the ISA84 Safety Instrumented Systems Certificate Program 2. When you register for the course\, the certificate exam is included with your registration.ISA Course Safety Instrumented Systems-Design\, Analysis\, and Justification (EC50) or Safety Instrumented Systems: Design\, Analysis\, and Justification (EC50E) and ISA Certificate Safety Instrumented Systems Certificate Program 1 are prerequisites for Certificate Program 2. Those who successfully complete this course and pass the exam receive the designation of ISA84 SIL Selection Specialist. \n\nYou will be able to:\nDevelop and implement different SIL selection techniques within your organization\, including the risk matrix\, risk graph\, and LOPA (Layer of Protection Analysis)\, in order to determine the appropriate level of performance needed of your safety systems. This will prevent you from over or under designing the system requirements and will save your organization time and money. \nYou will cover:\n\nPrevention of System Requirements Over- or Under-Design\nDetermination of the Appropriate Level of Performance Needed for Your Safety Systems\nSafety Integrity Level (SIL) Selection Hands-on Examples: 3-Dimensional Risk Matrix | Risk Graph | LOPA (Layer of Protection Analysis) | Modified (implicit) LOPA\n\n  \nFor more information and to register online: \nhttps://www.isa.org/events-conferences/events-calendar/event-details/?productId=66344077
URL:https://www.houstonisa.org/event/ec52-advanced-safety-integrity-level-sil-selection-2/
LOCATION:Kenexis\, 15995 N Barkers Lndg Rd Ste 143 Houston\, TX 77079-2418\, Houston\, TX\, 77079-2418\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Magda Moreno":MAILTO:magda.moreno.v@outlook.com
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Chicago:20200615T080000
DTEND;TZID=America/Chicago:20200619T160000
DTSTAMP:20260527T173647
CREATED:20200209T221404Z
LAST-MODIFIED:20200523T065735Z
UID:10000016-1592208000-1592582400@www.houstonisa.org
SUMMARY:EC50 - Safety Instrumented Systems: A Life- Cycle Approach (June 2020)
DESCRIPTION:Location: \nKenexis\n15995 N Barkers Lndg Rd Ste 143 Houston\, TX 77079-2418 \nDate: \nJune 15-19\, 2020 \nCourse Hours: 8:00 a.m.-4:00 p.m. Monday-Thursday and 8:00 a.m.-12:00 p.m. Friday \nDescription: \nThis course focuses on the engineering requirements for the specification\, design\, analysis\, and justification of safety instrumented systems for the process industries. Students will learn how to determine safety integrity levels and evaluate whether proposed or existing systems meet the performance and documentation requirements defined in the ISA84 (IEC 61511) standard. \nThis course is required for the ISA84 Safety Instrumented Systems Certificate Programs. Your course registration includes your registration for the exam. Those who successfully complete this course and pass the exam receive the designation of ISA84 SIS Fundamentals Specialist. \nYou will be able to: \n\nDifferentiate between process control and safety control\nImplement the ISA84 (IEC 61511) standard\nEvaluate process risk levels\nSelect Safety Integrity Levels (SILs) for Safety Instrumented Functions (SIFs) using a variety of techniques\nAnalyze the performance of different logic system technologies\nAnalyze the performance of various sensor\, logic\, and final element configurations\, as well as the impact of diagnostics\, test intervals\, common cause\, system size\, imperfect manual testing\, and bypassing\nDetermine optimum system test intervals\nSpecify and select safety instrumented systems\nApply the documentation requirements for process safety management\, regulations\, and industry standards\n\n  \nFor more information and to register online: \nhttps://www.isa.org/events-conferences/events-calendar/event-details/?productId=66343901
URL:https://www.houstonisa.org/event/ec50-safety-instrumented-systems-a-life-cycle-approach/
LOCATION:Kenexis\, 15995 N Barkers Lndg Rd Ste 143 Houston\, TX 77079-2418\, Houston\, TX\, 77079-2418\, United States
CATEGORIES:Training,Cyber-Security
ORGANIZER;CN="Magda Moreno":MAILTO:magda.moreno.v@outlook.com
END:VEVENT
END:VCALENDAR