Description:

This on-demand course will provide students with the information and skills to assess the cybersecurity of a new or existing IACS and to develop a cybersecurity requirements specification that can be used to document the cybersecurity requirements the project.

Length: Six 30-45 minute modules
CEUs:  0.6 
Certification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course.
Certificate Program:Part of the ISA/IEC 62443 Cybersecurity Certificate Program: After successfully completing all six modules, students may take the exam for ISA/IEC 62443 Cybersecurity Risk Assessment Specialist. Exam fee is included in full course purchase price

Register Now

 

You Will Be Able to:

  • Identify and document the scope of the IACS under assessment
  • Specify, gather or generate the cybersecurity information required to perform the assessment
  • Identify or discover cybersecurity vulnerabilities inherent in the IACS products or system design
  • Organize and facilitate a cybersecurity risk assessment for an IACS
  • Identify and evaluate realistic threat scenarios
  • Identify gaps in existing policies, procedures and standards
  • Establish and document security zones and conduits 
  • Prepare documentation of assessment results
 

You will cover:

  • Preparing for an Assessment: Security Life Cycle | Scope | System Architecture Diagrams | Network Diagrams | Asset Inventory | Cyber Criticality Assessment
  • Cybersecurity Vulnerability Assessment: Risk | Types of Cybersecurity Vulnerability Assessments | Gap Assessments | Passive and Active Assessments | Penetration Testing | Conducting Gap Assessments | Gap Assessment Tools | CSET
  • Conducting Vulnerability Assessments: Vulnerability Process | Pre-assessment | Standards | Research | Kick Off and Walk Thru | Passive Data Collection | Active Data Collection | Penetration Testing
  • Cyber Risk Assessments: Understanding Risk | ISA 62443-2-1 | SuC | Conduct High-level Risk Assessment | Consequence Scale | Establish Zones and Conduits | Zone and Conduit Drawings and Documentation | Document Cybersecurity Requirements
  • Conducting Cyber Risk Assessments: Detailed Cyber Risk Assessment Process | Threats | Vulnerabilities | Consequences | Likelihood | Calculate Risk | Security Levels | Countermeasures | Residual Risk | Documentation
  • Documentation and Reporting: Document to Maintain | Required Reports | Zone and Conduit Diagrams | Cybersecurity Requirements Specification (CRS)

Lab demonstrations: (Included in modules)
Critiquing System Architecture Diagrams
Asset Inventory
Gap Assessment
Windows Vulnerability Assessment
Capturing Ethernet Traffic
Port Scanning
Windows Vulnerability Scanning
Perform a High-Level Cybersecurity Risk Assessment
Creating a Zone & Conduit Diagram
Perform a Detailed Cyber Risk Assessment
Risk Assessment Report
 
What is included:
On-demand modules with video lab demonstrations included
  • Module 1: Preparing for an Assessment (Approx. 95 minutes)
  • Module 2: Cybersecurity Vulnerability Assessment (Approx. 35 minutes)
  • Module 3: Conducting Vulnerability Assessments (Approx. 102 minutes)
  • Module 4: Cyber Risk Assessments (Approx. 69 minutes)
  • Module 5: Conducting Cyber Risk Assessments (Approx. 80 minutes)
  • Module 6: Documentation (Approx. 15 minutes)
A viewable version of ISA standards for course reference
  • ISA/IEC 62443-1-1
  • ISA/IEC 62443-2-1
  • ISA/IEC 62443-3-3
  • ISA/IEC 62443-2 (draft version)
ISA’s Cybersecurity Assessment Challenge – a Jeopardy-style review game which can be used as a review for the certification exam (Free Add-On)
Exam registration for ISA/IEC 62443 Cybersecurity Risk Assessment Specialist 


Who Should Attend:

  • Control systems engineers and managers
  • System Integrators
  • IT engineers and managers industrial facilities
  • IT corporate/security professionals
  • Plant Safety and Risk Management
 

Recommended Pre-Requisite:

ISA Course IC32 or equivalent knowledge/experience.

For more information:
Contact us at +1 919-549-8411 or info@isa.org to start your company on the path to well-trained employees.