Cybersecurity is mostly linked with IT organizations or businesses where data is the key asset. However, the idea of the Internet of Things “IoT” has changed this concept. Today, almost every industry has some sort of smart-devices utilizing internet resources while performing different industrial tasks. Health, manufacturing, finance, mining, trade, retail, and transportation are few of the industries that are widely using internet resources and the concept of connected devices. This development has transformed the traditional industrial notion into a modern industrial concept where the internet plays an important role. On the other side, hackers also take this evolution as an opportunity to fulfill their criminal desires. According to 2019’s Verizon Data Breach Investigation Report, 39% of the total cyber-attacks were performed by organized cyber groups, affecting almost every industry. Therefore, like every IT organization, the traditional industries also require cyber-security experts who do have an understanding of industrial equipment as a threat vector and expertise to diffuse any cyber-attack. Some cyber-security certification bodies have introduced industrial cyber-security certifications that assess the competency of professionals in handling industry-level cyber challenges. Following is a brief overview of such industry-related cyber-security credentials.
Global Industrial Cyber Security Professional (GICSP)
GICSP certification evaluates the professionals’ ability to secure industrial control systems. Global Information Assurance Certification (GIAC) body designed GICSP certification in collaboration with global industry consortium members responsible for designing, deploying, operating, and/or maintaining the industrial automation and control systems infrastructure. The certification combines cybersecurity, IT, and Engineering together to achieve the security goals at all stages of industrial processes.
Who is GICSP For?
- IT Practitioners
- IT Engineers
- Security Analysts
- Industry Managers
- Industry Professionals with Operational Technology Support
- Industry Professionals with Operation Technology Security
In order to become GICSP certified, candidates must pass the following exam.
Exam Type: Pearson VUE Proctored Exam
Total Questions: 115
Exam Duration: 3 Hours
Passing Score: 71%
GICSP Topic Areas
GICSP certification test does not require any specific training. The candidates must have expertise in the following Industrial Control Systems (ICS) topics to successfully attempt the exam.
- Industrial Control Systems (ICS) Concepts
- ICS Technology Overview and Compromises at Different Levels
- ICS Intelligence Gathering
- Operating Systems Hardening
- Fundamentals of ICS Design, Architecture, and Procurement
- ICS Program and Policy Development
- ICS Wireless Technologies and Compromises
- Risk-Based Incident Response and Disaster Recovery
GIAC Response and Industrial Defense (GRID)
The GRID certification validates the active defense aptitude of professionals working for ICS networks and systems. The GRID certified professionals are considered capable of handling ICS-specific attacks by deploying active defense strategies and policies.
Who is GRID For?
- IT Security Professionals
- ICS Penetration Testers
- ICS Read Teamers
- Active Defenders
- ICS Team Leads
- SOC Team Leads
The GRID certification can be obtained by passing the Pearson VUE proctored exam. The exam must be scheduled in advanced through GIAC online exam portal. The exam is based on the following format.
Exam Type: Proctored Exam
Total Questions: 150
Exam Duration: 3 Hours
Passing Score: 74%
GRID Topic Areas
GRID exam comprises of questions taken from the following topics.
- Active Defense Concepts
- Discovery and Monitoring in ICS
- Detection and Analysis in ICS
- Digital Forensics in ICS Environment
- Incident Response in ICS Environment
- Malware and Threat Analysis
- Fundamentals of Threat Analysis
Certified SCADA Security Architect (CSSA)
Many industries like Power, water treatment, oil, and gas use Supervisory Control And Data Acquisition (SCADA) system for real-time monitoring and controlling of different industrial equipment. SCADA system has real-time data collection and processing capabilities. SCADA system is also vulnerable to various cyber-attacks though. The Information Assurance Certification Review Board (IACRB) offers CSSA certification that evaluates an individual’s ability to secure SCADA system.
Who is CSSA For?
- Industrial Network Administrators
- Industrial Network Managers
- IT Professionals
- Security Analysts
Candidates interested in the certification should pass the CSSA exam set by IACRB. The exam is based on 100 random questions to be solved in two hours.
CSSA Domains
The CSSA certification covers the following domains.
- Access Control
- SCADA Security Standards
- SCADA Best Practices
- SCADA Cyber-attacks Detection
- SCADA Security Policy
- Authorization and User Authentication
- Vulnerability Assessment
GIAC Critical Infrastructure Protection (GCIP)
The GCIP certification focuses on the security of critical infrastructures like bulk electric systems. The GCIP professionals are trusted for their abilities to achieve cybersecurity objectives in critical systems.
Who is GCIP For?
- Security Analysts
- Incident Response Analysts
- ICS Cyber-security Practitioners
- Field Support Staff
- Vendors
- Auditors
The individuals can earn GCIP credential by passing the GCIP exam. The GCIP exam is based on the following format.
Exam Type: Proctored Exam
Total Questions: 75
Exam Duration: 3 Hours
Passing Score: 70%
GCIP Topic Areas
The GCIP exam encompasses the following topics.
- Bulk Electric System (BES) Cyber System Categorization
- Vulnerabilities Assessment and Configuration Change Management
- Incident Response and Reporting
- NERC-CIP Terms and Definition
- BES Cyber Systems Physical Security
- BES Cyber Systems Recovery Plans
- Security Management Controls
- System Security Management
- Development and Enforcement of Standards
Certificate in Cybersecurity for Industrial Automation and Control Systems
The University of Kansas (KU) offers an online certificate in cyber-security that focuses on securing industrial automation and control systems. The certification is based on the course that covers industrial automation and control system components, how different cyber-attacks can compromise these components, and how to protect the industry from various cyber-attacks.
Target Audience
- SCADA Engineers
- Data System Engineers
- Operation Engineers
- IT Architects
- Instrumentation and Control Systems Professionals
- Systems and Network Security Professionals
Those who successfully complete the training program must pass the exam in order to claim the credential. The candidates must attain at least 75% marks to become eligible for the certification.
Course Outline
The said training and certification program is based on the following course content.
- How to Bridge Computers with Industrial Processes
- Understanding of Ethernet, Wireless, and Serial Communication
- Knowledge of Computer Automation Processes (Continuous, Discrete Batch, Sequence, and ESD)
- SCADA Architecture and Protocols
- Distributed Control System (DCS) Architecture, Functions, and Applications
- Programmable Logic Controller (PLC) Architecture, Protocols, and Configurations
- Cyber-security concepts
- Cyber-attacks, Malware, Risks, and Consequences
- How Systems Can be Compromised
- Networking Architecture and Protocols
- How to Create Cyber Defense in Depth
- How to Perform System Hardening
- How to Achieve Physical Security Goals
- How to Use Cryptography in Industrial Control Systems
- How to Achieve Secure Administration