Global Industrial Cyber Security Professional (GICSP)

IMF Academy
En London (Inglaterra) yAmsterdam (Holanda), Amsterdam (Holanda)

£ 2.480 - ($ 9.301.303)
+ IVA

Información importante

Descripción

GICSP (Global Industrial Cyber Security Professional) is the newest certification in the GIAC family and focuses on the essential knowledge of securing critical infrastructure assets. GICSP is the only certification in the world that explicitly focuses on the cyber security aspects of Industrial Control Systems (ICS). GICSP is a certification for engineers, ICS security professionals and ICS technology specialists.


This unique, vendor-neutral, practitioner-focused Industrial Control System (ICS) security certification is a collaborative effort between GIAC and representatives from a global industry consortium involving organisations that design, deploy, operate and/or maintain industrial automation and control system infrastructure. The consortium of organisations collaboratively established an open Body of Knowledge of Industrial Control Systems (ICS) security, which lays the foundations for the certification framework and associated competency training program.

Global Industrial Cyber Security Professional (GICSP) - why this training and certification?
Numerous incidents have shown that Industrial Automation and Control Systems (IACS) could be vulnerable to cyber attacks and that such attacks can lead to disruption of physical systems and networks. This makes security for IACS an important part of Critical Information Infrastructure Protection (CIIP). This GICSP training is a great introduction to the IACS landscape and associated security concerns.

There is a skills gap with regard to industrial control system personnel, whether it be cyber security skills for engineers or principles for cyber security experts. The training provides you with the essentials for concluding cyber security work in industrial control system environments. This 5-day Global Industrial Cyber Security Professional (GICSP) training teaches you how to combine IT, cyber security and engineering best practices to secure your Industrial Control Systems (ICS).

Información importante
¿Qué objetivos tiene esta formación?

The 5-day GICSP training provides the opportunity to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defences. The training is designed in such a way that you will leave with newly gained knowledge, tools and techniques you can put to work immediately in your daily practice. This highly topical Industrial Cyber Security Professional training will provide you with:
- knowledge about standards and regulations for Industrial Control Systems (ICS);
- understanding of the threats to the security of process control systems;
- understanding of the technologies used to carry out security audits;
- understanding of industrial control system components, purposes, deployments, significant drivers and constraints;
- hands-on lab learning experiences to control system attack surfaces, methods and tools;
- control system approaches to system and network defence architectures and techniques;
- knowledge of how to harden an Industrial Control System (ICS) using end-point protection, securing memorable data or updating systems;
- incident-response skills in control system environments; and
- governance models and resources for Industrial Cyber Security Professionals.

¿Esta formación es para mí?

GICSP provides a set of standardized skills and knowledge for Industrial Cyber Security Professionals. The GICSP training is designed to ensure that the workforce involved in supporting and defending Industrial Control Systems (ICS) is trained to keep the operational environment safe, secure and resilient against current and emerging cyber threats.

The GICSP training is designed for the range of individuals who work in, interact with, or can affect industrial control system environments, including asset owners, vendors, integrators and other third parties. The GICSP training brings together control system engineers, IT security professionals, program managers, process control engineers, process control network cyber security engineers, principal security architects, ICS/SCADA security consultants, heads of process control security, directors of reliability & security, senior security engineers, directors of technology, critical infrastructure protection specialists from asset owners and operators along with governmental and research leaders.

Requisitos: In order to be successful in this training, you will need a good understanding of basic computer networking and security principles. You will also need to be familiar with networking protocols and ideally have a CompTIA Nework+ certification.

Sedes

Dónde se imparte y en qué fechas

Inicio Ubicación Horario
08 mayo 2017
Amsterdam
Noord Holland, Holanda
Ver mapa
8 - 12 May 2017
13 marzo 2017
Amsterdam
Noord Holland, Holanda
Ver mapa
-
13 marzo 2017
London
Unknown, London, Inglaterra
Ver mapa
-
08 mayo 2017
London
Unknown, London, Inglaterra
Ver mapa
8 - 12 May 2017

¿Qué aprendes en este curso?

Security Awareness
Management
Risk
Monitoring
Access
Security
Risk Management
IT
Network
Network security
Global
systems
IT risk
Regulations
IT Security
Network Training
Operating System
IT Management
Wireless
Skills and Training

Programa académico

Global Industrial Cyber Security Professional (GICSP) - training programme


Introduction

  • Overview
  • Knowledge of critical infrastructure


Governance & Risk Management

  • Global security standards
  • Practices and regulations
  • Security lifecycle
  • Security policies


Security Essentials

  • Types of threat
  • Attacks and incidents


System security

  • Tenets of security
  • Security awareness
  • Physical security
  • Crytography


ICS Architecture

  • Communication mediums
  • Device architecture
  • Process control systems
  • Industrial protocols
  • Network protocols
  • Network segmentation
  • Wireless security


Hardening ICS

  • Updating systems
  • Application security
  • Embedded devices
  • End-point protection
  • Hardening network security
  • Operating system security
  • Securing removable media


Access controls

  • Access control model
  • Directory service
  • User access management


Change Management

  • Baselines and auditing
  • Patch distribution and installation
  • Software and firmware management


Incident Management

  • Recognition and response
  • Incident recovery


Business Continuity

  • Defense in depth
  • High availability
  • Site redundancy
  • System backups and restores


System Auditing

  • Security assessments
  • Device testing
  • Monitoring and logging
  • Penetration testing and exploitation