The GICSP certification from GIAC (Global Information Assurance Certification) focuses on the foundational knowledge of securing critical infrastructure assets, e.g. distributed control systems in the process control domain. The GICSP bridges IT, engineering and cyber security to achieve security for industrial control systems from design through retirement.

The GICSP certification is relatively new, and its specific combination of industrial cyber security topics makes it a valuable addition to the curriculum of participants. For experienced IT, engineering and cyber security professionals, it widens their knowledge and formally confirms their experience with the GICSP credential. For those new in this field, the GICSP certification provides a good foundational knowledge on industrial cyber security to work with and from.

The training program will consist of three editions:

  • Fall 2023 Edition: 12 October to 14 December 2023
  • Winter 2023 Edition: 30 November 2023 to 8 February 2024
  • Spring 2024 Edition: 7 March to 16 May 2024


The agenda of each session is as follows:


  • 15:00 (CET) / 09:00 (EDT) – Training Part 1
  • 16:30 (CET) / 10:30 (EDT) – Break
  • 16:45 (CET) / 10:45 (EDT) – Training Part 2
  • 18:00 (CET) / 12:00 (EDT) – Finish

The following topics will be covered:

Access Management

Access control models, directory services and user access management.


Communication mediums and external network communications, field device architecture (e.g. relays, PLC, switch, process unit), industrial protocols (e.g. modbus, modbus TCP, DNP3, Ethernet/IP, OPC), network protocols (e.g. DNS, DHCP, TCP/IP), network segmentation (e.g. partitioning, segregation, zones and conduits, reference architectures, network devices and services, data diodes, DMZs), wireless security (e.g. WIFI, wireless sensors, wireless gateways, controllers).

Configuration/Change Management

Change management, baselines, equipment connections, and configuration auditing, software updates, distribution and installation of patches, software reloads and firmware management.

Cyber Security Essentials

attacks and incidents (e.g. man in the middle, spoofing, social engineering, denial of service, denial of view, data manipulating, session hijacking, foreign software, unauthorized access), availability (e.g. health and safety, environmental, productivity), cryptographics (e.g. encryption, digital signatures, certificate management, PKI, public versus private key, hashing, key management, resource constraints), security tenets (e.g. CIA, non-repudiation, least privilege, separation of duties), threats (e.g. nation states, general criminals, inside and outside malicious attackers, hacktivists, inside non-malicious).

Disaster Recovery and Business Continuity

System backup & restoration.

Incident Management

Incident recognition and triage (e.g. log analysis/event correlation, anomalous behavior, intrusion detection, egress monitoring, IPS), incident remediation/recovery, and incident response (e.g. recording/reporting, forensic log analysis, containment, incident response team, root cause analysis, eradication/quarantine).

Industrial Control Systems

Basic process control systems (e.g. RTU, PLC, DCS, SCADA, metering/telemetry, ethernet I/O, buses, Purdue, ISA 95), safety and protection systems (e.g. SIS, EMS, leak detection, FGS, BMS, vibration monitoring).

Modules’ and Elements’ Hardening

Application security (e.g. database security), embedded devices (e.g. PLCs, controllers, RTU, analyzers, meters, aggregators, security issues, default configurations), network security/hardening (e.g. switchport security), operating system security (e.g. unix/linux, windows, least privilege security, virtualization), configuration and endpoint hardening (e.g. anti-malware implementation, updating, monitoring, and sanitization. end point protection including user workstations and mobile devices).

Physical Security

Physical security.

Security Assessments

Security testing tools (e.g. packet sniffer, port scanner, vulnerability scanner), device testing (e.g. communication robustness, fuzzing), risk assessments (e.g. risk, criticality, vulnerability, attack surface analysis, supply chain), penetration testing and exploitation, security assessments.

Security Governance and Risk Management

Risk management (e.g. PHA/hazop usage, risk acceptance, risk/mitigation plan), security policies and procedures development (e.g. exceptions, exemptions, requirements, standards).

Security Monitoring

Event, network, and security logging and monitoring, including archiving logs.

Event details


This training program will consist of three editions. On the registration form, you can choose the edition you wish to register for. The dates for each edition are as followed:

  • Fall 2023 Edition: Thu 12 October to Thu 14 December 2023
  • Winter 2023 Edition: Thu 30 November 2023 to Thu 8 February 2024 (except Thu 28 December 2023 – Holiday Season)
  • Spring 2024 Edition: Thu 7 March to Thu 16 May 2024 (except Thu 9 May 2024 – Ascension Day)

The price of the CGI GICSP Certification Course / Fall 2023 Edition for external (non-CGI) participants is EUR 3,600.- (approx. USD 3,924.-), excluding 21% VAT. This price includes ten (10) three-hour course sessions conducted via virtual Microsoft Teams Meeting conference calls, and course materials (course slides, exam handout and sample questions).

This price excludes the course book “Industrial Network Security – Second Edition” by Knapp & Langill (approx. EUR 50), and excludes the actual GIAC Registration and GICSP Certification Attempt (exam) costs, which amount to USD 949.- (approx. EUR 870.-).


Online: conducted via virtual Microsoft Teams Meeting conference


For which training edition would you like to register?
CGI neemt haar verantwoordelijkheid met betrekking tot privacy zeer serieus. Lees hierover meer op onze Website Privacy Policy.