CS 203 – IEC 62443 Cybersecurity for Industrial Automation Control Systems (IACS) for Employees & Contractors

Course Information

Description

This course addresses the quality and understanding employees and contractors need to have on the topic of Cyber Security for the IACS space. The access granted to IACS networks is often the same for employees and contractors. The seriousness of access must be established with a joint work process similar to a Job Safety Assessment. The Job Cyber Assessment is a work process to protect both client and contractor from inadvertent impact on the given IACS cyber protective system The ability to access the client’s network without an impact on the IACS cyber protective systems whilst leveraging the tools on site requires a clear understanding of the following.

 

Organizer Notes

Please read our Terms & Conditions before signing up for our courses.

 

Course Duration

2 days

 

Target Audience

  • Control engineer
  • Maintenance / Instrumentation technician
  • Project engineer
  • Electrical engineer
  • Engineering/Operations management
  • Operator
  • IT personnel
  • Risk manager
 

 

Skills You Will Learn

  • Regulatory, Industry & Client Standards – This section of the training is to provide the attendee a high level view of the standards that apply NIST, DHS, NERC/CIP, ISA, IEC
  • Automation Cyber Hygiene – This section provides practices and tactics regards the IACS that are aligned with the proper level of cyber hygiene for IACS systems that addresses Client Standards Awareness, How to handle & manage; Portable Media, Downloadable Content, Software & Hardware Equipment Inventory
  • Cyber Job Assessment – This section provides pragmatic guidance and rationale for the creation of a Job Cyber Assessment that leads to standard operating & maintenance procedures when accessing IACS networks that pose high risk to the corporation. These cover topics such as Scope, Tools, Approach, Limits of authority, Portable Media Scope Internet file scope, Firmware third-party tools, zone and conduit review/awareness
  • IACS Access – This section provides guidance on Access, Authorization and audit logs for MOC. Tools, access points, Temporary passwords and logons for IACS Access
  • SW/HW Inventory – This section provides guidance on SW/HW inventory that needs to be managed & maintained be on site for the contracted work. Specific applications to avoid, Documentation of hardware set and secure custody responsibility for purchased equipment
  • Offsite work – This section provides guidance for offsite, protocol for offsite engineering scope for IACS equipment Access log, MOC procedures, Internet file down load expectations, procurement stewardship, PC’s and versions management, Equipment Security, etc
  • Onsite work – This section provides guidance for on-site protocol for on-site engineering scope for IACS equipment Access log, MOC, JCA, physical security Backup, Client Cyber Checklist, procurement stewardship, purchasing standard terms and conditions for software development, etc

 Course Topics

  • Introduction & Standards
  • Terminology & Models
  • IACS Cyber Hygiene
  • Job Cyber Assessments (JCA)
  • JCA Develop & Implement
  • On Site Work
  • SW/HW Inventory: Cyber Asset Inventory
  • IACS Access Control
  • Off Site Work
  • Multiple Site Work
  • Performance Measurement
  • Course Review

 

What Participants will get

  • Course Manual with class exercises and solutions
  • Resources such as whitepapers
  • Certificate of Completion

Course Fees

Exclusive rates available for early bird and group signups! Contact us for more details!

Course Schedule