Develop all the necessary tools to implement the Monitoring and Maintenance of the Security Levels defined for each of the Zones and Ducts of the Systems Under Consideration (SuC) for a safe and smooth operation.

Security levels tend to degrade over time and at the same time, changes in plants and systems become necessary, new vulnerabilities are discovered and new threats appear. Maintaining surveillance, updating systems, carrying out adequate change management, monitoring the security of assets, responding to events and alerts assertively, are some of the activities to be carried out in this phase.

This course is developed focusing on the energy, oil and gas industries. It means complying with all the requirements of the ISA/IEC-62443 series of standards, harmonizing with the typical regulations of these sectors, which are NERC, C2M2, TSA, and other popular regulations.

At the end of the EN62 course, you will be able to:

• Design and implement strategies and systems for monitoring, detection, alerts, and response plan management assertively without false positives.
• Integrate with corporate SOC-OT applications for bidirectional exchange of security information.
• Design and implement industrial systems update strategies appropriately.
• Design and implement change management processes in industrial systems, maintaining security levels without degrading.
• Plan preventive maintenance activities on industrial systems for the safety of zones and conduits.
• Design and manage backup plans and systems and recovery plans.
• Develop periodic safety audits on industrial systems in zones and conduits.

You will cover the following topics in the course:

• Configuration of notifications and security alerts based on the AMRS technical specification from the previous IMPLEMENT phase.
• Management of security alerts according to criticality and priority of zones, and conduits.
• Preparation and implementation of procedural instructions to respond to each of the security alerts with context information.
• Integration with industrial process alarm systems, according to ISA 18.2 standard.
• Integration with corporate systems to develop and implement security strategies based on external events, including news, updates, changes in security policies and others.
• Risk assessment of engineering changes, requests and internal needs on existing systems, verification of objective security levels (SL-T).
• Periodic and scheduled evaluation of Industrial Cyber ​​Risks in Areas and Ducts according to the security level (SL-T/A).
• Maintenance and updating of the risk profile and the general catalog of threats and threat actions.
• Updating and knowledge bases of Technological Vulnerabilities (CVEs).
• Configuration and testing in the operation of the redundant architecture of the ZCM system.
• Analysis of historical behavior of Zones and Conduits and preparation of reports.
• Design and technical specification for the implementation and preparation of the backup management plan and recovery procedures for existing industrial systems. (The ZCM system is not a Backup & Restore solution, requires third-party applications, and takes advantage of the abilities of each of the industrial systems)
• Integration with third-party systems using API (Applications Programming Interface) and automation of workflows, complying with the requirements of the ISA 95 standard.
• Development of periodic authorship on:
• Existing industrial systems for verification of the operation of countermeasures and mitigation actions.
• Security gaps in industrial operations.

Who is it aimed at?

• Recommended for all personnel in industrial sectors such as: energy, water, oil, gas, steel, food, pharmaceutical, and many others, which are related to the activities of protecting critical infrastructure and control systems.
• The participation of IT security managers, system integrators, industrial control system providers, plant engineers, production and plant operation management, industrial security, specialists in security instrumented systems and maintenance personnel is recommended, whether they are high or middle management.
• Teachers specialized in related careers.

Requirements:

Have taken and passed the EN61 course.

Deliverables:

Participants will receive the material digitally through the educational platform, including the following materials.

• Access to course lessons online.
• Various documents, videos and complementary material so that participants can delve deeper.
• Access to the educational campus to download complementary information and software.

Modality and Schedules:

This course is available in all face-to-face (in WisePlant Offices, in the Client’s Plant, in Academy) and Virtual (Synchronous, Asynchronous and On Demand) modalities. Even in face-to-face modalities, the course requires participants to use the Educational Platform to access the abundant complementary material and to take the Final Evaluation.

Duration: 16 hours with the teacher, including the final evaluation.

Certificate:

A first certificate of knowledge is issued upon completion of the EN62 course

• Certificate: “Practitioner of Safe Operation and Preventive and Corrective Maintenance of Cybersecurity in Industrial Systems”
• CRE credits: 1.6
• The certification exam is taken in class at the end of the course. Available in Spanish, Portuguese, and English.

A second experience certificate is issued after practical implementation in real projects.

• Certificate: “Expert in Safe Operation and Preventive and Corrective Maintenance of Cybersecurity in Industrial Systems”
• CRE Credits: cumulative, depending on the duration of the activities carried out by the practitioner.

Summary of course highlights:

• Available in Spanish and Portuguese languages, both the voiceover and the complete course material. The course material will be available to consult on the Educational Campus (asynchronous) both in Spanish and in Portuguese and English.
• Includes practical online exercises. Each attendee accesses remotely from the campus a dedicated computer networked with the rest of the course computers to perform several practical Cybersecurity exercises on networks with specific software and applications.
• Abundant complementary reading material.
• Virtual group study meetings until taking the exam, even after the course has ended.
• The assistant can enter the Campus to consult the course material for a period of 1 year.
• Coaching, chat and blog 7×24 for a period of 1 year, assisting in the implementation of the practical knowledge acquired in your organization.

Recognitions

All participants who meet the course requirements and successfully pass the final exam with a good grade will be awarded a Digital Badge. The digital Badge certifies that the participant has attended the EN62 training course and has taken the final evaluation test with a good grade, verifying that said participant has assimilated the new knowledge.