Template id = 116
Document id = 8554
Parent id = 1546
Menu
NL

Global Industrial Cyber Security Professional (GICSP)

This 5-day training teaches you how to combine IT, cyber security and engineering best practices to secure your Industrial Control Systems (ICS). You will be prepared for the Global Industrial Cyber Security Professional (GICSP) certificate of GIAC

Global Industrial Cyber Security Professional (GICSP) – mode of study

  • Option 1: 5-day public training
  • Option 2: In-company training

Global Industrial Cyber Security Professional (GICSP) – a unique and vendor-neutral ICS security certification

GICSP (Global Industrial Cyber Security Professional) is the newest certification in the GIAC family and focuses on the essential knowledge of securing critical infrastructure assets. GICSP is the only certification in the world that explicitly focuses on the cyber security aspects of Industrial Control Systems (ICS). GICSP is a certification for engineers, ICS security professionals and ICS technology specialists.

This unique, vendor-neutral, practitioner-focused Industrial Control System (ICS) security certification is a collaborative effort between GIAC and representatives from a global industry consortium involving organisations that design, deploy, operate and/or maintain industrial automation and control system infrastructure. The consortium of organisations collaboratively established an open Body of Knowledge of Industrial Control Systems (ICS) security, which lays the foundations for the certification framework and associated competency training program.

Global Industrial Cyber Security Professional (GICSP) – why this training and certification?

Numerous incidents have shown that Industrial Automation and Control Systems (IACS) could be vulnerable to cyber attacks and that such attacks can lead to disruption of physical systems and networks. This makes security for IACS an important part of Critical Information Infrastructure Protection (CIIP). This GICSP training is a great introduction to the IACS landscape and associated security concerns.

There is a skills gap with regard to industrial control system personnel, whether it be cyber security skills for engineers or principles for cyber security experts. The training provides you with the essentials for concluding cyber security work in industrial control system environments. This 5-day Global Industrial Cyber Security Professional (GICSP) training teaches you how to combine IT, cyber security and engineering best practices to secure your Industrial Control Systems (ICS).

When you have completed this GICSP (Global Industrial Cyber Security Professional) training you will have developed an appreciation, understanding and common language that will enable you to work together with your colleagues to secure your Industrial Control System (ICS) environments.

Global Industrial Cyber Security Professional (GICSP) – what will you learn?

The 5-day GICSP training provides the opportunity to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defences. The training is designed in such a way that you will leave with newly gained knowledge, tools and techniques you can put to work immediately in your daily practice. This highly topical Industrial Cyber Security Professional training will provide you with:

  • knowledge about standards and regulations for Industrial Control Systems (ICS);
  • understanding of the threats to the security of process control systems;
  • understanding of the technologies used to carry out security audits;
  • understanding of industrial control system components, purposes, deployments, significant drivers and constraints;
  • hands-on lab learning experiences to control system attack surfaces, methods and tools;
  • control system approaches to system and network defence architectures and techniques;
  • knowledge of how to harden an Industrial Control System (ICS) using end-point protection, securing memorable data or updating systems;
  • incident-response skills in control system environments; and
  • governance models and resources for Industrial Cyber Security Professionals.

Global Industrial Cyber Security Professional (GICSP) – who should attend?

GICSP provides a set of standardized skills and knowledge for Industrial Cyber Security Professionals. The GICSP training is designed to ensure that the workforce involved in supporting and defending Industrial Control Systems (ICS) is trained to keep the operational environment safe, secure and resilient against current and emerging cyber threats.

The GICSP training is designed for the range of individuals who work in, interact with, or can affect industrial control system environments, including asset owners, vendors, integrators and other third parties. The GICSP training brings together control system engineers, IT security professionals, program managers, process control engineers, process control network cyber security engineers, principal security architects, ICS/SCADA security consultants, heads of process control security, directors of reliability & security, senior security engineers, directors of technology, critical infrastructure protection specialists from asset owners and operators along with governmental and research leaders.

Global Industrial Cyber Security Professional (GICSP) – what is it?

  • The GICSP is a new certification that focuses on the essential knowledge for professionals securing industrial technology.
  • The GICSP has been developed for engineers, control system support and security professionals who work in environments addressed by commonly accepted standards related to control system and automation security, including ISA-99/IEC 62443.
  • Holders of the GICSP certificate will demonstrate a globally recognized level of competence that defines the architecture, design, management, risk and controls that assure the security of critical infrastructure.
  • The GICSP is the bridge to bring together IT, engineering and cyber security professionals to achieve security for ICS from design inception to product retirement.
  • The certification establishes a base level of knowledge and understanding for the diverse set of professionals who engineer, operate, secure or support control systems and share responsibility for the security of these environments.
  • This certification is applicable to control system owners/operators across all sectors, ICS vendors, integrators and support organisations and professionals that have access to production industrial control systems from nuclear power plant systems to building automation.
  • The GICSP is expected to be globally adopted as a gateway certification for critical infrastructure industrial control system professionals.

About GIAC (Global Information Assurance Certification) institute

GIAC is an independent information security certification entity founded by SANS institute. GIAC is the leader in information security certifications, cyber security, IT security and forensics & penetration testing certification. GIAC has granted over 60,000 certifications to validate the skills and knowledge of information security professionals. The SANS institute is a private U.S. company that specializes in information security and cyber security trainings.

Global Industrial Cyber Security Professional (GICSP) – certification objectives

The certification objectives for the GIAC Global Industrial Cyber Security Professional (GIAC) training are:

ICS Architecture

  • Communication medium
  • Defense in depth
  • External network communications
  • Field device architecture
  • Industrial protocols
  • Network protocols
  • Network segmentation
  • Wireless security

ICS Security Assessments

  • Device testing
  • Penetration testing and exploitation
  • Security assessments
  • Security tools

ICS Security Monitoring

  • Archiving
  • Event monitoring and logging
  • Network monitoring and logging
  • Security monitoring and logging

Configuration/Change Management

  • Change management, baselines, equipment connections and auditing
  • Distribution and installation of patches
  • Software reloads and firmware management

Disaster Recovery and Business Continuity

  • System backup
  • System restoration

Incident Management

  • Incident recognition and triage
  • Incident remediation/recovery
  • Incident response

ICS Security Governance and Risk Management

Physical Security

  • Knowledge of physical security

Industrial Automation & Control Systems (IACS)

  • Basic process control systems
  • Critical infrastructure sector
  • Safety and protection systems

ICS Modules and Elements Hardening

  • Anti-malware implementation, updating, monitoring and sanitiza
  • Application security
  • Embedded services
  • End-point protection including user workstations and mobile devices
  • Network security/hardening
  • OS security
  • Removable media

Cyber Security Essentials for ICS

  • Attacks and incidents
  • Availability
  • Cryptographics
  • Securing awareness programs
  • Security tenets
  • Threats

Access Management

Global Industrial Cyber Security Professional (GICSP) – course material

The 5-day GICSP training consists of theory, practical examples and instructional hands-on sessions. You will also take part in a series of practical exercises to consolidate your knowledge of using both wired and wireless networks. The lab sessions are designed to allow you to utilize the knowledge gained throughout the training in an instructor-led environment. You will receive the official courseware, which can also be used as post-course resources. A laptop is required.

Global Industrial Cyber Security Professional (GICSP) – examination highlights

The exam to become a Global Industrial Cyber Security Professional (GICSP) consists of 115 (100 scored/15 non-scored) beta questions. The exam takes 3 hours. The minimum passing score is 69%. The exam isn't included in the training. Test delivery is computer based and proctored by Pearson Vue at over 4,000 global testing centers. The GICSP certification is valid for 4 years. Continuing professional education requirements are consistent with GIAC standards.

Global Industrial Cyber Security Professional (GICSP) – prerequisites

In order to be successful in this training, you will need a good understanding of basic computer networking and security principles. You will also need to be familiar with networking protocols and ideally have a CompTIA Nework+ certification.

Global Industrial Cyber Security Professional (GICSP) – limited number of participants

Due to the interactive character of this training and to optimise the benefits the participants derive from the various exercises, the number of participants is limited.

Partners

     
Would you like your logo/banner to be displayed here and are you interested in becoming a partner? Join us now and you and your business will have exposure during our monthly courses, on our website, in our brochures and through our newsletters. Contact us for more information!

In-company

Do you prefer an in-house Global Industrial Cyber Security Professional (GICSP) training?

With at least 5 delegates an in-house training to become a Global Industrial Cyber Security Professional (GICSP) could be your best choice. Are you interested? Please call us at +31 (0)40 246 02 20 or send an e-mail to info@imfacademy.com to discuss the possibilities.

Content

Global Industrial Cyber Security Professional (GICSP) – training programme

Introduction

  • Overview
  • Knowledge of critical infrastructure

Governance & Risk Management

  • Global security standards
  • Practices and regulations
  • Security lifecycle
  • Security policies

Security Essentials

  • Types of threat
  • Attacks and incidents

System security

  • Tenets of security
  • Security awareness
  • Physical security
  • Crytography

ICS Architecture

  • Communication mediums
  • Device architecture
  • Process control systems
  • Industrial protocols
  • Network protocols
  • Network segmentation
  • Wireless security

Hardening ICS

  • Updating systems
  • Application security
  • Embedded devices
  • End-point protection
  • Hardening network security
  • Operating system security
  • Securing removable media

Access controls

  • Access control model
  • Directory service
  • User access management

Change Management

  • Baselines and auditing
  • Patch distribution and installation
  • Software and firmware management

Incident Management

  • Recognition and response
  • Incident recovery

Business Continuity

  • Defense in depth
  • High availability
  • Site redundancy
  • System backups and restores

System Auditing

  • Security assessments
  • Device testing
  • Monitoring and logging
  • Penetration testing and exploitation

Request brochure

Trainer(s)

The trainer of the Global Industrial Cyber Security Professional (GICSP) training, is a very experienced GIAC/SANS certified instructor.

Start date(s)

The Global Industrial Cyber Security Professional (GICSP) training consists of 5 days. The training will take place in various locations in and around the Netherlands. During this training you will stay in the hotel/accomodation where the training is being held (included in the training fee).

 Global Industrial Cyber Security Professional (GICSP) - training I

  • 29 April - 3 May 2019

Fee / Registration

The fee for the Global Industrial Cyber Security Professional (GICSP) training is € 4,850 (VAT excl.) per person. The fee includes accommodation (this is also the training location), dinners, lunches, coffee, tea, course materials and hands-on sessions

Step 1/4: Your selection


Terms & Conditions
Delegates may transfer to a later training (if possible), but must notify us 2 weeks prior to the start of the booked training. In case you are not able to attend, an alternate participant for the training can be substituted within 14 days of the training commencement for no additional charge.

Written cancellations will be accepted up to 2 weeks prior to the commencement of the Global Industrial Cyber Security Professional (GICSP) training. We will incur 25% of the charge (with a minimum of € 350) administration costs. If you cancel within 2 weeks before the start of the Global Industrial Cyber Security Professional (GICSP) training, you have to pay 100% of the charge.

Payment
Payment for course fees must be received before the start of the course, though always within 30 days of the  invoice date.

Global Industrial Cyber Security Professional (GICSP)

Register! Brochure IN-COMPANY