2137 VEN – Operation and Maintenance of Cybersecurity in Industrial Systems (IC37 v3.0)

The third phase in the Cybersecurity in Industrial Systems (IACS) lifecycle – defined in ISA/IEC-62443-1-1) focuses on activities associated with ongoing operations and the maintenance of Cybersecurity. This involves performing diagnostics and troubleshooting, monitoring security, responding to incidents, and maintaining the cybersecurity countermeasures implemented in the design and implementation phase. This phase also includes security management of recovery, backup and cybersecurity procedures and periodic audits.‎
· May 7, 2023

‎Version of this course‎: 3.01

You will be able to:

  • Perform basic network diagnostics and troubleshooting
  • Interpret the results of IACS device diagnostic alarms and event logs
  • Implement IACS backup and restoration procedures
  • Describe the IACS patch management life cycle and procedure
  • Apply an antivirus management procedure
  • Define the basics of application control and white listing tools
  • Define the basics of network and host intrusion detection
  • Define the basics of security incident and event monitoring tools
  • Implement an incident response plan
  • Implement an IACS management of change procedure
  • Conduct a basic IACS cybersecurity audit

You will cover:

  • Introduction to the ICS Cybersecurity Lifecycle
    • Identification & Assessment phase
    • Design & Implementation phase
    • Operations & Maintenance phase
  • Network Diagnostics and Troubleshooting
    • Interpreting device alarms and event logs
    • Early indicators
    • Network intrusion detection systems
    • Network management tools
  • Application Diagnostics and Troubleshooting
    • Interpreting OS and application alarms and event logs
    • Early indicators
    • Application management and whitelisting tools
    • Antivirus and endpoint protection tools
    • Security incident and event monitoring (SIEM) tools
  • IACS Cybersecurity Operating Procedures & Tools
    • Developing and following an IACS management of change procedure
    • Developing and following an IACS backup procedure
    • IACS configuration management tools
    • Developing and following an IACS patch management procedure
    • Patch management tools
    • Developing and following an IACS antivirus management procedure
    • Antivirus and whitelisting tools
    • Developing and following an IACS cybersecurity audit procedure
    • Auditing tools
  • IACS incident response
    • Developing and following an IACS incident response plan
    • Incident investigation
    • System recovery

Classroom/Laboratory Exercises:

  • Build The Board
  • Patch Management
  • Whitelisting
  • Snort Intrusion Detection System
  • Monitoring
  • Versioning and Backups
  • Incident Recovery

Who Should Attend?

  • Operations and maintenance personnel
  • Control systems engineers and managers
  • System Integrators
  • IT engineers and managers industrial facilities
  • Plant Safety and Risk Management

Recommended Pre-Requisites:

ISA Courses TS06, TS12, TS20, IC32, IC33 and IC34 or equivalent knowledge/experience.

The main objectives of ISA training is to make sure that the audience understands and interprets the requirements of the ISA/IEC-62443 series of standards correctly and what needs to be done.

While the exercises and products used in the lab helps to understand the concepts, it is not within the objectives of ISA to recommend any specific solution or to show how to comply with the multiple requirements.

Not Enrolled
This course is currently closed

Course Includes

  • 6 Lessons
  • 1 Quiz
  • Course Certificate
Click to access the login or register cheese
You cannot copy content. You can download from download areas.