GICSP – Global Industrial Cyber Security Professional
This 5-day training will prepare you for the Global Industrial Cyber Security Professional (GICSP) certificate of GIAC. You will learn how to combine IT, cyber security and engineering best practices to secure your Industrial Control Systems (ICS)
GICSP (Global Industrial Cyber Security Professional) – mode of study
- Option 1: 5-day training (in-class and live online)
- Option 2: In-company training
GICSP – the only vendor-neutral ICS security certification in the world
GICSP (Global Industrial Cyber Security Professional) is the most sought-after certification in the GIAC family and focuses on the essential knowledge of securing critical infrastructure assets. GICSP is the only certification in the world that explicitly focuses on the cyber security aspects of Industrial Control Systems (ICS).
This GICSP certification is a unique, vendor-neutral, practitioner-focused Industrial Control System (ICS) security certification and offers the highest standard in cyber security certifications which align with SANS institute.
About GIAC (Global Information Assurance Certification) Institute
GIAC is an independent information security certification entity, founded by SANS institute. GIAC is the leader in information security, cyber security, IT security and forensics & penetration testing certifications. GIAC has granted over 60,000 certifications worldwide to validate the skills and knowledge of (information) security professionals. SANS institute is a private U.S. company that specializes in information security and cyber security trainings.
Why take the GICSP training and certification?
Numerous incidents have shown that Industrial Automation and Control Systems (IACS) could be vulnerable to cyber attacks and that such attacks can lead to disruption of physical systems and networks. This makes security for IACS an important part of Critical Information Infrastructure Protection (CIIP). This GICSP training is a great introduction to the IACS landscape and associated security concerns:
- GICSP is a relatively new certification that focuses on the essential knowledge for professionals securing industrial technology
- GICSP has been developed for engineers, control system support and security professionals who work in environments addressed by commonly accepted standards related to control system and automation security, including ISA-99/IEC 62443
- Holders of the GICSP certificate will demonstrate a globally recognized level of competence that defines the architecture, design, management, risk and controls that assure the security of critical infrastructure
- GICSP is the bridge to bring together IT, engineering and cyber security professionals to achieve security for ICS from design inception to product retirement
- The certification establishes a base level of knowledge and understanding for the diverse set of professionals who engineer, operate, secure or support control systems and share responsibility for the security of these environments
- This certification is applicable to control system owners/operators across all sectors, ICS vendors, integrators and support organisations and professionals that have access to production industrial control systems from nuclear power plant systems to building automation
- GICSP is expected to be globally adopted as a gateway certification for critical infrastructure industrial control system professionals
There is a skills gap with regard to industrial control system personnel, whether it be cyber security skills for engineers or principles for cyber security experts. The GICSP training provides you with the essentials for concluding cyber security work in industrial control systems environments. The 5-day training teaches you how to combine IT, cyber security and engineering best practices to secure your Industrial Control Systems (ICS).
When you have completed the GICSP training you will have developed an appreciation, understanding and common language that will enable you to work together with your colleagues to secure your Industrial Control System (ICS) environments.
What will you learn?
The 5-day GICSP training provides the opportunity to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defences. The training is designed in such a way that you will leave with newly gained knowledge, tools and techniques you can put to work immediately in your daily practice. This highly topical Industrial Cyber Security Professional training will provide you with:
- knowledge about standards and regulations for Industrial Control Systems (ICS)
- understanding of the threats to the security of process control systems
- understanding of the technologies used to carry out security audits
- understanding of industrial control system components, purposes, deployments, significant drivers and constraints
- hands-on lab learning experiences to control system attack surfaces, methods and tools
- control system approaches to system and network defence architectures and techniques
- knowledge of how to harden an Industrial Control System (ICS) using end-point protection, securing memorable data or updating systems
- incident-response skills in control system environments
- governance models and resources for industrial cyber security professionals
Who should attend?
GICSP provides a set of standardized skills and knowledge for industrial cyber security professionals. The GICSP training is designed to ensure that the workforce involved in supporting and defending Industrial Control Systems (ICS) is trained to keep the operational environment safe, secure and resilient against current and emerging cyber threats.
The GICSP training is designed for the range of individuals who work in, interact with, or can affect industrial control system environments, including asset owners, vendors, integrators and other third parties. The GICSP training brings together control system engineers, IT security professionals, program managers, process control engineers, process control network cyber security engineers, principal security architects, ICS/SCADA security consultants, heads of process control security, directors of reliability & security, senior security engineers, directors of technology, critical infrastructure protection specialists from asset owners and operators along with governmental and research leaders.
GICSP examination highlights
The exam to become a Global Industrial Cyber Security Professional (GICSP) consists of 115 (100 scored/15 non-scored) ''beta'' questions. The exam takes 3 hours. The minimum passing score is 71%. The exam isn't included in the training. Test delivery is computer based and proctored by Pearson Vue at over 4,000 global testing centers. You can take the official exam also remote in a proctored environment.
Prerequisites to be successful in this training
In order to be successful in this training, you will need a good understanding of basic computer networking and security principles. You will also need to be familiar with networking protocols and ideally have a CompTIA Nework+ certification.
The GICSP certification is valid for 4 years. Continuing Professional Education (CPE) requirements are consistent with GIAC standards.
Feedback from former delegates
Former delegates rate this Global Industrial Cyber Security Professional (GICSP) training with a 9 (on a scale from 1 to 10).
"Excellent instructor with endless amount of energy and humor. He has a deep knowledge of the industry and managed to keep the whole group focussed and awake."
Marty Knopert, Honeywell
"Best course I've attended."
Daniel Grabski, Honeywell
"It was obvious that the trainer has a huge knowledge of the ICS Cyber Security world. He made the course very pleasant and useful."
Cristina Zuniga, Honeywell
"Very structured. Very detailed. The trainer is experienced, prepared and sincere."
"The trainer demonstrated indepth knowledge about the subject, while also keeping me awake with an excellent sense of humor."
Konstantin Rogalas, Honeywell
The following trainings could be interesting/relevant for you and/or your colleagues:
- Certified Cloud Security Professional (CCSP)
- Certified Fraud Examiner (CFE)
- Certified Security Software Lifecycle Professional (CSSLP)
- Cloud Security (CCSK) - classroom and e-learning
- Identity Management & Access Control
- ISO 31000 Risk Management
- Risk Management - Certified ISO 27005 Risk Manager
- Master in Cyber Security
- Cyber Security Fundamentals certification
- Cyber Security Audit certification
- C/CISO (Certified Information Security Officer)
- Cyber Security - First Responder (CFR)
Do you prefer an in-house training on GICSP? An in-house training on GICSP, customized to your organization, has many advantages and:
- Saves you and your colleagues time and travel and accomodation expenses
- Enables you to train in the comfort of your own working environment
- Can be arranged for groups with a minimum of 5 people
- Can be arranged at a time convenient for you
- Sensitive issues can be openly discussed because there are no outsiders
For more information on this GICSP course, the in-house possibilities or for any other question, please contact us directly at +31 (0)40 - 246 02 20 or send an e-mail to email@example.com.
- Knowledge of critical infrastructure
Governance & Risk Management
- Global security standards
- Practices and regulations
- Security lifecycle
- Security policies
- Types of threat
- Attacks and incidents
- Tenets of security
- Security awareness
- Physical security
- Communication mediums
- Device architecture
- Process control systems
- Industrial protocols
- Network protocols
- Network segmentation
- Wireless security
- Updating systems
- Application security
- Embedded devices
- End-point protection
- Hardening network security
- Operating system security
- Securing removable media
- Access control model
- Directory service
- User access management
- Baselines and auditing
- Patch distribution and installation
- Software and firmware management
- Recognition and response
- Incident recovery
- Defense in depth
- High availability
- Site redundancy
- System backups and restores
- Security assessments
- Device testing
- Monitoring and logging
- Penetration testing and exploitation
When you pass the GIAC-GICSP exam successfully you will earn the official GICSP title.
Your guarantee for certification
Should you not pass the GICSP exam the first time, you may re-attend the GICSP training for free (within a period of one year after the training). You only pay for the hotel accomodation and the exam.
The trainer of the Global Industrial Cyber Security Professional (GICSP) training is a very experienced instructor.
The Global Industrial Cyber Security Professional (GICSP) training consists of 5 consecutive days. You can join the training physically and live online (up to your choice). The training will be organized in the Netherlands. You can join the training on the following dates:
Global Industrial Cyber Security Professional (GICSP) - trainings
- 22 - 26 Januari, 2021
- 26 - 30 April, 2021