O objetivo deste curso é explicar os conceitos básicos da cibersegurança industrial e desenvolver suas particularidades de forma holística. Ajude os participantes a adotar uma atitude preventiva e consciente para se proteger das ameaças e suas diferentes formas de se manifestar. Visa também desenvolver um vocabulário comum com conceitos claros e características de infraestruturas críticas, reconhecendo as diferenças entre sistemas corporativos e sistemas industriais. Os participantes estarão familiarizados com o ciclo de vida de um programa de cibersegurança industrial em sistemas existentes e futuros.

En este curso de Introducción a la Ciberseguridad Industrial a Infraestructura Crítica, el asistente tendrá una clara visión de los aspectos técnicos de la ICS&CI (Industrial CyberSecurity & Critical Infrastructure) y del ciclo de vida de un Programa para la Ciberseguridad Industrial. El contenido del curso se describe a continuación y el mismo se encuentra organizado en 8 lecciones. Este curso también le servirá al profesional interesado en la ICS&CI a planear su carrera y certificación profesional, como así también confirmar sus expectativas. Es ideal para todo profesional que desea evaluar los próximos pasos a seguir, tanto a nivel profesional como dentro de la organización para la cual se desempeña.

Gestionar proyectos de Ciberseguridad Industrial con eficacia y eficiencia, logrando una óptima utilización de los recursos, minimizando los tiempos de implementación y eliminando los riesgos que pueden atentar contra el éxito, es clave y fundamental para todo gerente de proyecto, inclusive sin la necesidad de ser un especialista en Ciberseguridad. El curso se desarrolla sobre un WBS Framework que garantiza a todos los participantes estar alineados en cada una de las actividades a realizar con desarrollo modular, de muy fácil interpretación y cumplimiento para todas las normas, estándares, regulaciones y mejores prácticas.

Desarrollar todas las herramientas necesarias para ejecutar la Evaluación de Riesgos Cibernéticos Industriales, cumpliendo con todos los requerimientos de la serie de normas ISA/IEC-62443, con facilidad, rapidez y asegurando su cumplimiento. La metodología para la evaluación de riesgos cibernéticos de forma correcta es fundamental para tomar las decisiones acertadas con el objetivo principal de crear infraestructuras industriales resilientes a todo tipo de amenazas, inclusive a las más persistentes. El curso se desarrolla enteramente sobre la metodología WBS durante la primera fase del ciclo de vida de la Ciberseguridad Industrial, cubriendo en un 100% las necesidades de la Fase de Evaluación de Riesgos Cibernéticos Industriales para sistemas existentes o futuros.

The ability of any organization (end user or supplier) to develop and implement industrial cybersecurity management projects successfully, making optimal use of resources, in minimal…

Gestionar proyectos de Ciberseguridad Industrial con eficacia y eficiencia, logrando una óptima utilización de los recursos, minimizando los tiempos de implementación y eliminando los riesgos que pueden atentar contra el éxito, es clave y fundamental para todo gerente de proyecto, inclusive sin la necesidad de ser un especialista en Ciberseguridad. El curso se desarrolla sobre un WBS Framework que garantiza a todos los participantes estar alineados en cada una de las actividades a realizar con desarrollo modular, de muy fácil interpretación y cumplimiento para todas las normas, estándares, regulaciones y mejores prácticas.

La capacidad de cualquier organización (usuario final o proveedor) para desarrollar e implementar proyectos de gestión de ciberseguridad industrial con éxito, haciendo una utilización óptima…

The purpose of the EN60 course is to manage the development of the activities necessary to carry out the assessment of industrial cyber risks, meeting…

La metodología para la evaluación de riesgos cibernéticos de forma correcta es fundamental para tomar las decisiones acertadas con el objetivo principal de crear infraestructuras…

‎A detailed overview of how ISA/IEC-62443 (formerly ISA 99) standards can be used to protect your critical control systems. It also explores the procedural and technical differences between security for traditional IT environments and appropriate solutions for SCADA or plant environments. The course explores the movement towards using open standards such as Ethernet, TCP/IP and web technologies in SCADA and process control networks that have begun to expose these systems to the same cyberattacks that have wreaked so much havoc on global government and businesses. Information systems.‎

‎A detailed overview of how ISA/IEC-62443 (formerly ISA 99) standards can be used to protect your critical control systems. It also explores the procedural and technical differences between security for traditional IT environments and appropriate solutions for SCADA or plant environments. The course explores the movement towards using open standards such as Ethernet, TCP/IP and web technologies in SCADA and process control networks that have begun to expose these systems to the same cyberattacks that have wreaked so much havoc on global government and businesses. Information systems.‎

The first phase in the IACS Cybersecurity Lifecycle (defined in ISA/IEC 62443-1-1) is to identify and document IACS assets and perform a cybersecurity vulnerability and risk assessment to identify and understand the high-risk vulnerabilities that require mitigation. Per ISA/IEC 62443-2-1 these assessments need to be performed on both new (i.e. greenfield) and existing (i.e. brownfield) applications. Part of the assessment process involves developing a zone and conduit model of the system, identifying security level targets, and documenting the cybersecurity requirements into a cybersecurity requirements specification (CRS).

‎The first phase in the Industrial Systems Cybersecurity (IACS – defined in ‎‎ISA‎‎/IEC-62443-1-1) lifecycle consists of identifying and documenting industrial assets (IACS) and performing a cybersecurity vulnerability analysis and risk assessment to identify and understand high-risk vulnerabilities that require mitigation. For ‎‎ISA‎‎/IEC-62443-2-1 these assessments must be performed on both existing (Brownfield) and new (Greenfield) applications. Part of the assessment process involves developing a zone and conduit model of the systems under consideration, identifying security level objectives, and documenting cybersecurity requirements into a cybersecurity requirements specification (‎‎CSRS‎‎).‎

The second phase in the IACS Cybersecurity Lifecycle (defined in ISA/IEC 62443-1-1) focuses on the activities associated with the design and implementation of IACS cybersecurity countermeasures. This involves the selection of appropriate countermeasures based upon their security level capability and the nature of the threats and vulnerabilities identified in the Assess phase. This phase also includes cybersecurity acceptance testing of the integrated solution, to validate countermeasures are properly implemented and that the IACS has achieved the target security level. This course will provide students with the information and skills to select and implement cybersecurity countermeasures for a new or existing IACS to achieve the target security level assigned to each IACS zone or conduit. Additionally, students will learn how to develop and execute test plans to verify that the cybersecurity of an IACS solution has properly satisfied the objectives in the cybersecurity requirements specification.

‎The second phase in the Industrial Systems Cybersecurity Lifecycle (IACS – defined in ISA/IEC-62443-1-1) focuses on activities associated with the design and implementation of cybersecurity countermeasures. This involves the selection of appropriate countermeasures based on their security-level capability and the nature of the threats and vulnerabilities identified in the assessment phase. This phase also includes conducting cybersecurity tests for the acceptance of the integrated solution, to validate that the countermeasures are implemented correctly and that the industrial system under consideration has reached the required level of security.‎

The third phase in the IACS Cybersecurity Lifecycle (defined in ISA/IEC 62443-1-1) focuses on the activities associated with the ongoing operations and maintenance of IACS cybersecurity. This involves network diagnostics and troubleshooting, security monitoring and incident response, and maintenance of cybersecurity countermeasures implemented in the Design & Implementation phase. This phase also includes security management of change, backup and recovery procedures and periodic cybersecurity audits. This course will provide students with the information and skills to detect and troubleshoot potential cybersecurity events, as well as the skills to maintain the security level of an operating system throughout its lifecycle despite the challenges of an every changing threat environment.

The third phase in the Cybersecurity in Industrial Systems (IACS) lifecycle – defined in ISA/IEC-62443-1-1) focuses on activities associated with ongoing operations and the maintenance of Cybersecurity. This involves performing diagnostics and troubleshooting, monitoring security, responding to incidents, and maintaining the cybersecurity countermeasures implemented in the design and implementation phase. This phase also includes security management of recovery, backup and cybersecurity procedures and periodic audits.‎

Many manufacturing firms have made significant investments in flexible shop-floor execution systems and in sophisticated enterprise planning (ERP) systems. Those investments, however, cannot yield their full potential until each has access to the information and capabilities of the other. The ANSI/ISA95 standard addresses that coordination problem by providing a sound, robust definition of business activities and of the information that must flow between those two realms. This course also teaches the terminology used in Information Technology (IT) departments so that manufacturing and IT personnel can effectively work together on integration projects.