Global Industrial Cyber Security Professional (GICSP)

IMF Academy
A London (Inghilterra) eAmsterdam (Paesi Bassi), Amsterdam (Paesi Bassi)

£ 2.480 - (2.945 )
+IVA

Informazione importanti

Descrizione

GICSP (Global Industrial Cyber Security Professional) is the newest certification in the GIAC family and focuses on the essential knowledge of securing critical infrastructure assets. GICSP is the only certification in the world that explicitly focuses on the cyber security aspects of Industrial Control Systems (ICS). GICSP is a certification for engineers, ICS security professionals and ICS technology specialists.


This unique, vendor-neutral, practitioner-focused Industrial Control System (ICS) security certification is a collaborative effort between GIAC and representatives from a global industry consortium involving organisations that design, deploy, operate and/or maintain industrial automation and control system infrastructure. The consortium of organisations collaboratively established an open Body of Knowledge of Industrial Control Systems (ICS) security, which lays the foundations for the certification framework and associated competency training program.

Global Industrial Cyber Security Professional (GICSP) - why this training and certification?
Numerous incidents have shown that Industrial Automation and Control Systems (IACS) could be vulnerable to cyber attacks and that such attacks can lead to disruption of physical systems and networks. This makes security for IACS an important part of Critical Information Infrastructure Protection (CIIP). This GICSP training is a great introduction to the IACS landscape and associated security concerns.

There is a skills gap with regard to industrial control system personnel, whether it be cyber security skills for engineers or principles for cyber security experts. The training provides you with the essentials for concluding cyber security work in industrial control system environments. This 5-day Global Industrial Cyber Security Professional (GICSP) training teaches you how to combine IT, cyber security and engineering best practices to secure your Industrial Control Systems (ICS).

Informazione importanti
Quali sono gli obiettivi della formazione?

The 5-day GICSP training provides the opportunity to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defences. The training is designed in such a way that you will leave with newly gained knowledge, tools and techniques you can put to work immediately in your daily practice. This highly topical Industrial Cyber Security Professional training will provide you with:
- knowledge about standards and regulations for Industrial Control Systems (ICS);
- understanding of the threats to the security of process control systems;
- understanding of the technologies used to carry out security audits;
- understanding of industrial control system components, purposes, deployments, significant drivers and constraints;
- hands-on lab learning experiences to control system attack surfaces, methods and tools;
- control system approaches to system and network defence architectures and techniques;
- knowledge of how to harden an Industrial Control System (ICS) using end-point protection, securing memorable data or updating systems;
- incident-response skills in control system environments; and
- governance models and resources for Industrial Cyber Security Professionals.

È la formazione giusta per me?

GICSP provides a set of standardized skills and knowledge for Industrial Cyber Security Professionals. The GICSP training is designed to ensure that the workforce involved in supporting and defending Industrial Control Systems (ICS) is trained to keep the operational environment safe, secure and resilient against current and emerging cyber threats.

The GICSP training is designed for the range of individuals who work in, interact with, or can affect industrial control system environments, including asset owners, vendors, integrators and other third parties. The GICSP training brings together control system engineers, IT security professionals, program managers, process control engineers, process control network cyber security engineers, principal security architects, ICS/SCADA security consultants, heads of process control security, directors of reliability & security, senior security engineers, directors of technology, critical infrastructure protection specialists from asset owners and operators along with governmental and research leaders.

Requisiti: In order to be successful in this training, you will need a good understanding of basic computer networking and security principles. You will also need to be familiar with networking protocols and ideally have a CompTIA Nework+ certification.

Sedi

Dove e quando

Inizio Luogo Orario
08 maggio 2017
Amsterdam
Noord Holland, Paesi Bassi
Visualizza mappa
8 - 12 May 2017
13 marzo 2017
Amsterdam
Noord Holland, Paesi Bassi
Visualizza mappa
-
13 marzo 2017
London
Unknown, London, Inghilterra
Visualizza mappa
-
08 maggio 2017
London
Unknown, London, Inghilterra
Visualizza mappa
8 - 12 May 2017

Cosa impari in questo corso?

Security Awareness
Management
Risk
Monitoring
Access
Security
Risk Management
IT
Network
Network security
Global
systems
IT risk
Regulations
IT Security
Network Training
Operating System
IT Management
Wireless
Skills and Training

Programma

Global Industrial Cyber Security Professional (GICSP) - training programme


Introduction

  • Overview
  • Knowledge of critical infrastructure


Governance & Risk Management

  • Global security standards
  • Practices and regulations
  • Security lifecycle
  • Security policies


Security Essentials

  • Types of threat
  • Attacks and incidents


System security

  • Tenets of security
  • Security awareness
  • Physical security
  • Crytography


ICS Architecture

  • Communication mediums
  • Device architecture
  • Process control systems
  • Industrial protocols
  • Network protocols
  • Network segmentation
  • Wireless security


Hardening ICS

  • Updating systems
  • Application security
  • Embedded devices
  • End-point protection
  • Hardening network security
  • Operating system security
  • Securing removable media


Access controls

  • Access control model
  • Directory service
  • User access management


Change Management

  • Baselines and auditing
  • Patch distribution and installation
  • Software and firmware management


Incident Management

  • Recognition and response
  • Incident recovery


Business Continuity

  • Defense in depth
  • High availability
  • Site redundancy
  • System backups and restores


System Auditing

  • Security assessments
  • Device testing
  • Monitoring and logging
  • Penetration testing and exploitation