Full Course: Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32M)

Course Details

Course: IC32M
Length: Twelve on-demand modules
ISA-memberprice: € 1.375,-
Non ISA-memberprice: € 1.675,-
Exam: ISA/IEC 62443 ISA/IEC 62443 Cybersecurity Fundamentals Specialist IC-32 is included (€ 200,- value)

CEU Credits: 1.0
Certification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course.

This course starts every 1-st and 15-th of every month

RECOMMENDED PRE-REQUISITE:

ISA Course IC32/IC32E or equivalent knowledge/experience

Description:

This is a self-paced, online course consisting of 12 modules which take a detailed look at how the ISA/IEC 62443 (formerly ISA 99) Standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. The course explores the move to using open standards such as Ethernet, TCP/IP, and web technologies in SCADA and process control networks that has begun to expose these systems to the same cyber-attacks that have wreaked so much havoc on global government and corporate information systems.

Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program. After successfully completing all twelve modules, students may take the exam for ISA/IEC 62443 Cybersecurity Fundamentals Specialist. Exam fee is included with course purchase.

Certification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course.

You will be able to:

  • Discuss the principles behind creating an effective long term program security
  • Interpret the ISA/IEC 62443 industrial security framework and apply them to your operation
  • Define the basics of risk and vulnerability analysis methodologies
  • Describe the principles of security policy development
  • Explain the concepts of defense in depth and zone/conduit models of security
  • Analyze the current trends in industrial security incidents and methods hackers use to attack a system
  • Define the principles behind the key risk mitigation techniques, including anti-virus and patch management, firewalls, and virtual private networks

You will cover:

  • Understanding the Current Industrial Security Environment: What is Electronic Security for Industrial Automation and Control Systems? | How IT and the Plant Floor are Different and How They are the Same
  • How Cyberattacks Happen: Understanding the Threat Sources | The Steps to Successful Cyberattacks
  • Creating A Security Program:  Critical Factors for Success/Understanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)- Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
  • Risk Analysis:  Business Rationale | Risk Identification, Classification, and Assessment
  • Addressing Risk with Security Policy, Organization, and Awareness: Cyber Security Management System Scope | Organizational Security | Staff Training and Security Awareness
  • Addressing Risk with Selected Security Counter Measures: Personnel Security | Physical and Environmental Security | Network Segmentation | Access Control
  • Addressing Risk with Implementation Measures: Risk Management and Implementation | System Development and Maintenance | Information and Document Management
  • Monitoring and Improving the CSMS: Compliance and Review | Improve and Maintain the CSMS
  • Validating or Verifying the Security of Systems: What is being done? | Developing Secure Products and Systems

Laboratory Demo:

  • PCAP Live Capture Analysis

Who Should Attend:

  • Control Systems Engineers and Managers
  • System Integrators
  • IT Engineers and Managers – Industrial Facilities
  • Plant Managers
  • Plant Safety and Risk Management

Course Includes:

Twelve (12) on-demand modules (Access available for one year)

  • Module 1: Introduction to Control Systems Security and the ISA/IEC 62443 Standards (50 min)
  • Module 2: A/IEC 62443-1-1 Terminology and Regulations & Standard (60 min)
  • Module 3: ISA99 Committee, The 62443 Standards, and Intro to the IACS Cybersecurity Lifecycle (35 min)
  • Module 4: Establishing an Industrial Automation and Control Systems Security Program (70 min)
  • Module 5: Industrial Networking Basics L1 – L7 (75 min)
  • Module 6: Demonstration Lab: PCAP Analysis (65 min)
  • Module 7: Network Security Basics (30 min)
  • Module 8: Industrial Protocols (25 min)
  • Module 9: ISA/IEC 62443 Models (35 min)
  • Module 10: Network Segmentation, Patch Management, and Intrusion Detection (55 min)
  • Module 11: Security Risk Assessment and System Design Intro (65 min)
  • Module 12: Security Program Requirements for IACS Service Providers (40 min)

IC32 Noteset Volume I with sections on Course Presentation slides from course modules, Instructional Surveys/Answers and Additional Resources

IC32 Noteset Volume II with the following three publications

  • ANSI / ISA 99.00.01-2007 / IEC 62443-1-1: Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts, and Models (Approved 29 October 2007)
  • ANSI / ISA 99.00.02-2009 / IEC 62443-2-1: Security for Industrial Automation and Control Systems Part 2: Establishing an Industrial Automation and Control System Security Program
  • ISA-62443.03.03 / IEC 62443-3-3: Security for Industrial Automation and Control Systems: System Security Requirements and Security Assurance Levels

Textbook

  • Industrial Automation by Ronald L. Krutz (Second Edition)

Exam Fee

  • ISA/IEC 62443 Cybersecurity Fundamentals Specialist Certification ($200 value)

Recommended Pre-Requisites:

There are no required prerequisites for taking this course; however, it is highly recommended that applicants have at least one to three years of experience in the cybersecurity field with some experience in an industrial setting.

ISA Courses TS04, TS06, TS12, or equivalent knowledge/experience would be beneficial.

Costs

ISA members: € 1.375,-
Non-ISA members: € 1.675,-  (ISA membership: € 125,-)

Exam: ISA/IEC 62443 ISA/IEC 62443 Cybersecurity Fundamentals Specialist IC-32 is included (€ 200,- value)

Register

register