Description

This on-demand course will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a cybersecurity requirements specification that can be used to document the cybersecurity requirements the project.

Length: Six 30-45 minute modules
CEUs: 0.6 
Certification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course.
Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program: After successfully completing all six modules, students may take the exam for ISA/IEC 62443 Cybersecurity Risk Assessment Specialist. Exam fee is included in full course purchase price

Register Now

You Will Be Able to

  • Identify and document the scope of the IACS under assessment
  • Specify, gather or generate the cybersecurity information required to perform the assessment
  • Identify or discover cybersecurity vulnerabilities inherent in the IACS products or system design
  • Organize and facilitate a cybersecurity risk assessment for an IACS
  • Identify and evaluate realistic threat scenarios
  • Identify gaps in existing policies, procedures and standards
  • Establish and document security zones and conduits 
  • Prepare documentation of assessment results

You will cover

  • Preparing for an Assessment: Security Life Cycle | Scope | System Architecture Diagrams | Network Diagrams | Asset Inventory | Cyber Criticality Assessment
  • Cybersecurity Vulnerability Assessment: Risk | Types of Cybersecurity Vulnerability Assessments | Gap Assessments | Passive and Active Assessments | Penetration Testing | Conducting Gap Assessments | Gap Assessment Tools | CSET
  • Conducting Vulnerability Assessments: Vulnerability Process | Pre-assessment | Standards | Research | Kick Off and Walk Thru | Passive Data Collection | Active Data Collection | Penetration Testing
  • Cyber Risk Assessments: Understanding Risk | ISA/IEC 62443-2-1 | SuC | Conduct High-level Risk Assessment | Consequence Scale | Establish Zones and Conduits | Zone and Conduit Drawings and Documentation | Document Cybersecurity Requirements
  • Conducting Cyber Risk Assessments: Detailed Cyber Risk Assessment Process | Threats | Vulnerabilities | Consequences | Likelihood | Calculate Risk | Security Levels | Countermeasures | Residual Risk | Documentation
  • Documentation and Reporting: Document to Maintain | Required Reports | Zone and Conduit Diagrams | Cybersecurity Requirements Specification (CRS)

Lab demonstrations (Included in modules)

  • Critiquing System Architecture Diagrams
  • Asset Inventory
  • Gap Assessment
  • Windows Vulnerability Assessment
  • Capturing Ethernet Traffic
  • Port Scanning
  • Windows Vulnerability Scanning
  • Perform a High-Level Cybersecurity Risk Assessment
  • Creating a Zone & Conduit Diagram
  • Perform a Detailed Cyber Risk Assessment
  • Risk Assessment Report

What is included

On-demand modules with video lab demonstrations included

  • Module 1: Preparing for an Assessment (Approx. 95 minutes)
  • Module 2: Cybersecurity Vulnerability Assessment (Approx. 35 minutes)
  • Module 3: Conducting Vulnerability Assessments (Approx. 102 minutes)
  • Module 4: Cyber Risk Assessments (Approx. 69 minutes)
  • Module 5: Conducting Cyber Risk Assessments (Approx. 80 minutes)
  • Module 6: Documentation (Approx. 15 minutes)

A viewable version of ISA standards for course reference

  • ISA/IEC 62443-1-1
  • ISA/IEC 62443-2-1
  • ISA/IEC 62443-3-3
  • ISA/IEC 62443-2 (draft version)

ISA’s Cybersecurity Assessment Challenge – a Jeopardy-style review game which can be used as a review for the certification exam (Free Add-On)
Exam registration for ISA/IEC 62443 Cybersecurity Risk Assessment Specialist 

Who Should Attend

  • Control systems engineers and managers
  • System Integrators
  • IT engineers and managers industrial facilities
  • IT corporate/security professionals
  • Plant Safety and Risk Management

Recommended Pre-Requisite

ISA Course IC32 or equivalent knowledge/experience.

For more information

Contact us at +1 919-549-8411 or info@isa.org to start your company on the path to well-trained employees.