IC33 EN 2v00 – Vulnerability Analysis and Cyber Risk Assessment in New and Existing Industrial Systems.

The first phase in the IACS Cybersecurity Lifecycle (defined in ISA/IEC 62443-1-1) is to identify and document IACS assets and perform a cybersecurity vulnerability and risk assessment to identify and understand the high-risk vulnerabilities that require mitigation. Per ISA/IEC 62443-2-1 these assessments need to be performed on both new (i.e. greenfield) and existing (i.e. brownfield) applications. Part of the assessment process involves developing a zone and conduit model of the system, identifying security level targets, and documenting the cybersecurity requirements into a cybersecurity requirements specification (CRS).
March 7, 2023

Version of this course: 2.0

This version of the training course has been superseded by the new version 3.0. The material in this version is available only to previous students, for study and review purposes. The lab exercise and final evaluation have been intentionally removed.

You Will Be Able to:

  • Identify and document the scope of IACSs under evaluation and under consideration
  • Specify, gather, or generate the cybersecurity information necessary to perform the assessment
  • Identify or discover cybersecurity vulnerabilities inherent in the product or system under consideration
  • Organize and facilitate a cybersecurity risk assessment for an integrated system
  • Identify and evaluate realistic threat scenarios
  • Identify gaps in existing company policies, procedures and standards
  • Establish and document safety zones and conduits
  • Prepare documentation of the results of the evaluation

You Will Cover:

  • Preparing for an Assessment
  • Cybersecurity Vulnerability Assessment
  • Conducting Vulnerability Assessments
  • Cyber Risk Assessments
  • Conducting Cyber Risk Assessments
  • Documentation and Reporting
  • And more…

Classroom/Laboratory Demo:

  • Critiquing system architecture diagrams
  • Asset inventory
  • Gap Assessment
  • Windows Vulnerability Assessment
  • Capturing Ethernet Traffic
  • Port Scanning
  • Using Vulnerability Scanning Tools
  • Perform a high-level risk assessment
  • Creating a zone & conduit diagram
  • Perform a detailed cyber risk assessment
  • Critiquing a cybersecurity requirements specification

Who Should Attend:

  • Control systems engineers and managers
  • System Integrators
  • IT engineers and managers of industrial facilities
  • IT corporate/security professionals
  • Plant Safety and Risk Management

Recommended Pre-Requisite:

ISA Course IC32 or equivalent knowledge/experience.

The main objective of ISA training is to make sure that the audience correctly understands and interprets the requirements of the ISA/IEC-62443 series of standards and what needs to be done.

While the exercises and products used in the lab help in understanding the concepts, it is not within the objectives of ISA to recommend any specific solution or to show how to comply with the multiple requirements.

This course is currently closed

Course Includes

  • 4 Lessons
  • 1 Quiz
  • Course Certificate