Acerca de

The ICS CYBERSECURITY PRACTITIONER TRAINING COURSE is specifically tailored for cybersecurity professionals who play a critical role in safeguarding and maintaining security in an OT plant. These professionals may include CISOs, security operations personnel, threat hunters, or incident responders who are directly tasked with detecting and thwarting cyber-attacks. Additionally, in the event of a cyber-attack, they are responsible for initiating recovery measures and responding effectively to the incident.

In the course 2-1 - OT CYBER SECURITY STANDARDS AND GOVERNANCE COURSE, we will deep dive into Standards such as IEC 62443 series which comprises a set of standards and technical reports that outline procedures for establishing electronically secure systems across various industries, such as transportation, medical, robotics, and Industrial Automation and Control Systems (IACS). These methodologies and practices are applicable to a wide range of stakeholders, including end-users (i.e., owner/operators), system integrators, security practitioners, and control systems manufacturers. These stakeholders are responsible for tasks such as system design, manufacturing, integration, and maintenance.

Being a leader and professionals in cyber security practice in the OT environment, it is important to understand the various standards applied across the world.

COURSE DURATION:

• 3 days of Instructor-led training

WHAT WILL BE COVERED IN THE COURSE:

The ISA and the International Electrotechnical Commission (IEC) have collaborated to establish a set of standards known as the ISA/IEC 62443 series. This comprehensive course delves into the fundamental principles of these standards. These standards play a crucial role in the automation of industrial production processes, widely utilized in sectors such as power, water, oil, and natural gas. The ISA/IEC 62443 standards offer guidelines for optimal practices in industrial network security, with new technical specifications being evaluated every three years for potential adoption as new standards.

The course will introduce the overall standards within IEC 62443, including:

General and Concepts

1. 1-1 Concept and Models

2. 1-2 Master Glossary of terms and Abbreviation

3. 1-3 Security System conformance metrics

4. 1-4 IACS Security Lifecycle and Use Case

Guidelines and Processes

1. 2-1 Security Program requirements for IACS asset owners

2. 2-2 IACS Security Protection Ratings

3. 2-3 Patch management in the IACS environment

4. 2-4 Security Program requirements for IACS service providers

5. 2-5 Implementation guidance for IACS asset owners

System Criteria

1. 3-1 Security Technologies for IACS

2. 3-2 Security Risk Assessment for System Design

3. 3-3 System security requirement and security levels

Component Criteria

1. 4-1 Product security development life cycle requirements

2. 4-2 Technical security requirements for IACS components

During the segment focusing on security design and architecture, we will explore a competence framework tailored specifically to OT cybersecurity. This framework is essential for a Chief Information Security Officer (CISO) to understand the diverse roles necessary within a cybersecurity setup. The growing interconnection between IT and OT systems has led to an increased demand for roles that encompass proficiencies in both IT and OT domains. While the existing Skills Framework for Information and Communication Technology (ICT) offers valuable insights, its scope was designed to encompass the broader ICT workforce. A more detailed approach is essential for OT cybersecurity, both in terms of coverage and relevance. The OT Competency Framework addresses this gap by offering enhanced clarity to key stakeholders and serving as a guide:

• System owners of both OT and IT domains can reference the OT cybersecurity capabilities essential for attracting suitable candidates, providing comprehensive training, and outlining potential career paths.

• Training institutions can use the OTCCF to identify the technical competencies required for various job roles, enabling them to design top-notch courses and certifications that cater to local training needs.

• OT professionals and individuals seeking job opportunities can pinpoint skill sets needed for cross-training and advancement within the meaningful realm of a career in OT cybersecurity. These career pathways encompass possibilities for vertical and lateral progression.

*Referencing OPERATIONAL TECHNOLOGY (OT) CYBERSECURITY COMPETENCY FRAMEWORK(OTCCF)

The training will also encompass NIST (National Institute of Standards and Technology) Special Publication (SP) 800-82r3, a comprehensive guide for enhancing the security of Operational Technology (OT) systems. This guide offers strategies to strengthen the security of OT systems while taking into account their distinctive performance, reliability, and safety prerequisites.

Operational Technology (OT) encompasses a wide array of programmable systems or devices that engage with the physical environment, either through direct interaction or management of devices in the physical realm. These systems and devices play a role in detecting or directly influencing changes via monitoring and/or control of processes, devices, and events. Examples of such systems include industrial control systems (ICS), building automation systems, transportation systems, physical access control systems, systems for monitoring the physical environment, and systems for measuring the physical environment.

The third iteration of SP 800-82 offers an overview of OT and common system configurations, identifies prevalent threats that pose risks to the organization's mission and operational functions supported by OT, outlines typical vulnerabilities present in OT, and presents recommended security measures and countermeasures to effectively manage the associated risks.

Lastly, the training program will address additional national standards that delve into the comprehensive security stance of OT cybersecurity. This aims to provide insight into the distinctions and benefits offered by various standards and regulations within this overarching field. The following topics will also be covered:

• GOVERNANCE REQUIREMENTS

• IDENTIFICATION REQUIREMENTS

• PROTECTION REQUIREMENTS

• DETECTION REQUIREMENTS

• RESPONSE AND RECOVERY REQUIREMENTS

• CYBER RESILIENCY REQUIREMENTS

• CYBERSECURITY TRAINING & AWARENESS

• Other OPERATIONAL TECHNOLOGY (OT) SECURITY REQUIREMENTS

*Referencing Cyber Security Code of Practice (CCOP) published in JULY, 2022