• Cybersecurity Awareness Training for Water/Wastewater Industry Professionals (IC31)


    training-button-register-now

    Length: 1.5 days
    CEU Credits: 1.1
    Course Hours: Day 1: 8:00 a.m – 4:00 p.m. Day 2: 8:00 a.m – 12 noon
    Certification of Completion: A Certificate of Completion indicating the total number of CEUs earned will be provided upon successful completion of the course.

    Description:

    This course will help water/wastewater industry professionals understand the risks their organization faces from cybersecurity incidents and the recommended approaches to minimizing these risks.

    Who should attend?

    • Maintenance supervisors
    • IT/security
    • SCADA and automation engineers

    You will be able to:

    • Describe the types of cybersecurity risks that water/wastewater organizations face.
    • Identify the recommended standards and best practices for cybersecurity within the water/wastewater industry.
    • Quantify and prioritize your organization's cybersecurity risks using risk analysis techniques.
    • Implement Cyber-hygiene practices. Including:
      • Awareness.
      • Anti-virus and patching.
      • Account management.
      • Removable media management.
      • Backup and recovery.
      • Change management.
      • Incident response.
    • Apply additional defense in depth measures appropriate to your organization's risk assessment.
    • Identify questions to ask vendors and contractors about security issues to fully understand issues and what is provided.

    You will cover:

    • Cybersecurity risks facing water/wastewater organizations.
      • Background and overview.
      • Social engineering.
      • Malware.
      • Ransomware.
      • Removable media.
      • Deliberate and accidental incidents.
       
    • Recommended standards and best practices.
      • ISA/IEC62443.
      • NIST Cybersecurity Framework.
      • Additional guidance and best practice.
       
    • Risk analysis.
      • Defining a risk framework.
      • Applying the framework and interpreting the results.
       
    • Cyber-hygiene practices.
      • Awareness.
      • Anti-virus and patching.
      • Account management.
      • Removable media management.
      • Backup and recovery.
      • Change management.
      • Incident response.
       
    • Apply additional defense in depth measures appropriate to your organization's risk assessment.
      • Network security.
      • Application whitelisting.
      • Intrusion detection and prevention.
       
    • Asking the right questions of vendors and contractors

    Exercises and demonstrations

    • Risk assessment exercise (desk exercise).
    • Demonstration of cybersecurity attacks on OT equipment (practical, using ISA cybersecurity trainer unit).

    Seminar prerequisites

    • No specific prerequisites although it is highly recommended that applicants have at least 12 months experience in the water/wastewater industry and are competent in basic IT skills.


    If you wish to register offline, download the Training Registration Form, complete, and return to ISA with your payment.

    training-button-register-now