Course #: IC37V | CEUs: 2.1 | Length: 3 days | A certificate of completion indicating the total number of CEUs earned will be provided upon successful completion of the course.
IACS Cybersecurity Operations & Maintenance (IC37V) focuses on the activities associated with the ongoing operations and maintenance of IACS cybersecurity implemented in the Design & Implementation phase. This involves network diagnostics and troubleshooting, security monitoring and incident response, and maintenance of the implemented cybersecurity countermeasures. This phase also includes security management of change, backup and recovery procedures, and periodic cybersecurity audits. IC37 will provide students with the information and skills to detect and troubleshoot potential cybersecurity events as well as the skills to maintain the security level of an operating system throughout its lifecycle despite the challenges of an ever-changing threat environment.
Para la audiencia de habla hispana (y portuguesa) el material de estudio se dispone en idioma inglés. La evaluación de certificación profesional se encuentra disponible únicamente en idioma inglés, al igual que la serie de normas ISA/IEC-62443.
Certificate Program: IC37 is the fourth course in the ISA/IEC 62443 Cybersecurity Certificate Program. Pass the exam to earn the ISA/IEC 62443 Cybersecurity Maintenance Specialist certificate. Course registration includes one exam fee.
Required Prerequisites
Successful completion of Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32) and passing the ISA/IEC 62443 Cybersecurity Fundamentals Specialist certificate exam are mandatory prerequisites for this course.
Who Should Take IC37?
- Control systems engineers and managers
- System integrators
- IT engineers and managers in industrial facilities
- Plant managers
- Plant safety and risk management personnel
Learning Objectives
- Perform basic network diagnostics and troubleshooting
- Interpret the results of IACS device diagnostic alarms and event logs
- Implement IACS backup and restoration procedures
- Describe the IACS patch management life cycle and procedure
- Apply an antivirus management procedure
- Define the basics of application control and white listing tools
- Define the basics of network and host intrusion detection
- Define the basics of security incident and event monitoring tools
- Implement an incident response plan
- Implement an IACS management of change procedure
- Conduct a basic IACS cyber security audit
Topics Covered
- Introduction to the ICS Cybersecurity Lifecycle
- Identification & Assessment phase
- Design & Implementation phase
- Operations & Maintenance phase
- Network Diagnostics and Troubleshooting
- Interpreting device alarms and event logs
- Early indicators
- Network intrusion detection systems
- Network management tools
- Application Diagnostics and Troubleshooting
- Interpreting OS and application alarms and event logs
- Early indicators
- Application management and whitelisting tools
- Antivirus and endpoint protection tools
- Security incident and event monitoring (SIEM) tools
- IACS Cybersecurity Operating Procedures & Tools
- Developing and following an IACS management of change procedure
- Developing and following an IACS backup procedure
- IACS configuration management tools
- Developing and following an IACS patch management procedure
- Patch management tools
- Developing and following an IACS antivirus management procedure
- Antivirus and whitelisting tools
- Developing and following an IACS cybersecurity audit procedure
- Auditing tools
- IACS incident response
- Developing and following an IACS incident response plan
- Incident investigation
- System recovery
Exercises
- Build the Board
- Allowlisting
- Patch management
- Snort intrusion detection system
- Monitoring
- Troubleshooting
- Incident recovery
- Security Information and Event Management (SIEM)
Recommended Resources
- ISA-62443-1-1-2007, Security for Industrial Automation and Control Systems – Part 1-1: Terminology, Concepts and Models (Standard)
- ANSI/ISA-62443-2-1-2024, Security for Industrial Automation and Control Systems – Part 2-1: Security Program Requirements for IACS Asset Owners (Standard)
- ANSI/ISA-62443-3‑2-2020, Security for Industrial Automation and Control Systems – Part 3‑2: Security Risk Assessment for System Design (Standard)
- ANSI/ISA-62443-3-3 (99.03.03)-2013, Security for Industrial Automation and Control Systems – Part 3-3: System Security Requirements and Security Levels (Standard)
- ISA Cybersecurity Library (Publication)
Recommended Prerequisite, ISA Courses
- Equivalent knowledge/experience
- Assessing the Cybersecurity of New or Existing IACS Systems (IC33)
- IACS Cybersecurity Design & Implementation (IC34)
- Communication Essentials for Industrial Automation Systems (TS07)
- IT and OT Advanced Skills for I & C Personnel (TS12)
The main objectives of ISA training is to make sure that the audience understands and interprets the requirements of the ISA/IEC-62443 series of standards correctly and what needs to be done. While the exercises and products used in the lab helps to understand the concepts, it is not within the objectives of ISA to recommend any specific solution or to show how to comply with the multiple requirements. Check the Frequently Asked Questions (FAQ) here.
You must log in and have started this course to submit a review.
About Instructor
+8
enrolled
Course Includes
- 7 Lessons
- 1 Quiz
- Course Certificate
