The GICSP certification from GIAC (Global Information Assurance Certification) focuses on the foundational knowledge of securing critical infrastructure assets, e.g. distributed control systems in the process control domain. The GICSP bridges IT, engineering and cyber security to achieve security for industrial control systems from design through retirement.

The GICSP certification is relatively new, and its specific combination of industrial cyber security topics makes it a valuable addition to the curriculum of participants. For experienced IT, engineering and cyber security professionals, it widens their knowledge and formally confirms their experience with the GICSP credential. For those new in this field, the GICSP certification provides a good foundational knowledge on industrial cyber security to work with and from.

The training program will take place from 7 March to 16 May 2024.

Program

The agenda of each session is as follows:

 

  • 15:00 (CET) / 09:00 (EDT) – Training Part 1
  • 16:30 (CET) / 10:30 (EDT) – Break
  • 16:45 (CET) / 10:45 (EDT) – Training Part 2
  • 18:00 (CET) / 12:00 (EDT) – Finish

The following topics will be covered:

Access Management

Access control models, directory services and user access management.

Architecture

Communication mediums and external network communications, field device architecture (e.g. relays, PLC, switch, process unit), industrial protocols (e.g. modbus, modbus TCP, DNP3, Ethernet/IP, OPC), network protocols (e.g. DNS, DHCP, TCP/IP), network segmentation (e.g. partitioning, segregation, zones and conduits, reference architectures, network devices and services, data diodes, DMZs), wireless security (e.g. WIFI, wireless sensors, wireless gateways, controllers).

Configuration/Change Management

Change management, baselines, equipment connections, and configuration auditing, software updates, distribution and installation of patches, software reloads and firmware management.

Cyber Security Essentials

attacks and incidents (e.g. man in the middle, spoofing, social engineering, denial of service, denial of view, data manipulating, session hijacking, foreign software, unauthorized access), availability (e.g. health and safety, environmental, productivity), cryptographics (e.g. encryption, digital signatures, certificate management, PKI, public versus private key, hashing, key management, resource constraints), security tenets (e.g. CIA, non-repudiation, least privilege, separation of duties), threats (e.g. nation states, general criminals, inside and outside malicious attackers, hacktivists, inside non-malicious).

Disaster Recovery and Business Continuity

System backup & restoration.

Incident Management

Incident recognition and triage (e.g. log analysis/event correlation, anomalous behavior, intrusion detection, egress monitoring, IPS), incident remediation/recovery, and incident response (e.g. recording/reporting, forensic log analysis, containment, incident response team, root cause analysis, eradication/quarantine).

Industrial Control Systems

Basic process control systems (e.g. RTU, PLC, DCS, SCADA, metering/telemetry, ethernet I/O, buses, Purdue, ISA 95), safety and protection systems (e.g. SIS, EMS, leak detection, FGS, BMS, vibration monitoring).

Modules’ and Elements’ Hardening

Application security (e.g. database security), embedded devices (e.g. PLCs, controllers, RTU, analyzers, meters, aggregators, security issues, default configurations), network security/hardening (e.g. switchport security), operating system security (e.g. unix/linux, windows, least privilege security, virtualization), configuration and endpoint hardening (e.g. anti-malware implementation, updating, monitoring, and sanitization. end point protection including user workstations and mobile devices).

Physical Security

Physical security.

Security Assessments

Security testing tools (e.g. packet sniffer, port scanner, vulnerability scanner), device testing (e.g. communication robustness, fuzzing), risk assessments (e.g. risk, criticality, vulnerability, attack surface analysis, supply chain), penetration testing and exploitation, security assessments.

Security Governance and Risk Management

Risk management (e.g. PHA/hazop usage, risk acceptance, risk/mitigation plan), security policies and procedures development (e.g. exceptions, exemptions, requirements, standards).

Security Monitoring

Event, network, and security logging and monitoring, including archiving logs.

Event details

Date

This training program will take place from Thursday 7 March to Thursday 16 May 2024 (except Thu 9 May 2024 – Ascension Day).

Costs

The price of the CGI GICSP Certification Course / Fall 2023 Edition for external (non-CGI) participants is EUR 3,600.- (approx. USD 3,924.-), excluding 21% VAT. This price includes ten (10) three-hour course sessions conducted via virtual Microsoft Teams Meeting conference calls, and course materials (course slides, exam handout and sample questions).

This price excludes the course book “Industrial Network Security – Second Edition” by Knapp & Langill (approx. EUR 50), and excludes the actual GIAC Registration and GICSP Certification Attempt (exam) costs, which amount to USD 949.- (approx. EUR 870.-).

Location

Online: conducted via virtual Microsoft Teams Meeting conference

Register

CGI neemt haar verantwoordelijkheid met betrekking tot privacy zeer serieus. Lees hierover meer op onze Website Privacy Policy.