Shop
Cancel

IACS Cybersecurity Operations & Maintenance (IC37)

Length: 3 days
CEUs: 2.1
Certificate Program: Part of the ISA/IEC 62443 Cybersecurity Certificate Program
Your course registration includes your registration for the exam.

Looking for the online version of this course?
View our online resources page for this course and many others.

Description

The third phase in the IACS Cybersecurity Lifecycle (defined in ISA/IEC 62443-1-1) focuses on the activities associated with the ongoing operations and maintenance of IACS cybersecurity. This involves network diagnostics and troubleshooting, security monitoring and incident response, and maintenance of cybersecurity countermeasures implemented in the Design & Implementation phase. This phase also includes security management of change, backup and recovery procedures and periodic cybersecurity audits.

This course will provide students with the information and skills to detect and troubleshoot potential cybersecurity events as well as the skills to maintain the security level of an operating system throughout its lifecycle despite the challenges of an ever changing threat environment.

You will be able to

  • Perform basic network diagnostics and troubleshooting
  • Interpret the results of IACS device diagnostic alarms and event logs
  • Implement IACS backup and restoration procedures
  • Describe the IACS patch management life cycle and procedure
  • Apply an antivirus management procedure
  • Define the basics of application control and white listing tools
  • Define the basics of network and host intrusion detection
  • Define the basics of security incident and event monitoring tools
  • Implement an incident response plan
  • Implement an IACS management of change procedure
  • Conduct a basic IACS cyber security audit

You will cover

  • Introduction to the ICS Cybersecurity Lifecycle
    • Identification & Assessment phase
    • Design & Implementation phase
    • Operations & Maintenance phase
  • Network Diagnostics and Troubleshooting
    • Interpreting device alarms and event logs
    • Early indicators
    • Network intrusion detection systems
    • Network management tools
  • Application Diagnostics and Troubleshooting
    • Interpreting OS and application alarms and event logs
    • Early indicators
    • Application management and whitelisting tools
    • Antivirus and endpoint protection tools
    • Security incident and event monitoring (SIEM) tools
  • IACS Cybersecurity Operating Procedures & Tools
    • Developing and following an IACS management of change procedure
    • Developing and following an IACS backup procedure
    • IACS configuration management tools
    • Developing and following an IACS patch management procedure
    • Patch management tools
    • Developing and following an IACS antivirus management procedure
    • Antivirus and whitelisting tools
    • Developing and following an IACS cybersecurity audit procedure
    • Auditing tools
  • IACS incident response
    • Developing and following an IACS incident response plan
    • Incident investigation
    • System recovery

Classroom/Laboratory Exercises

  • Building the Board
  • Patch Management
  • Snort Intrusion Detection System
  • Monitoring
  • Whitelisting
  • Versioning and Backups
  • Troubleshooting

Who Should Attend?

  • Operations and maintenance personnel
  • Control systems engineers and managers
  • System Integrators
  • IT engineers and managers industrial facilities
  • Plant Safety and Risk Management

Recommended Prerequisites

ISA Courses TS06, TS12, TS20, IC32, IC33 and IC34 or equivalent knowledge/experience.

For more information

Contact us at +1 919-549-8411 or info@isa.org to start your company on the path to well-trained employees.