The International Society of Automation (ISA) has unveiled the ISA/IEC 62443-based cybersecurity training and certificate program.
Developed in partnership with aeSolutions, the program is designed to arm professionals with the knowledge to identify and mitigate vulnerabilities in industrial automation and control systems, which represent an increasingly diverse and extensively connected set of technologies. ICS controls and automates significant portions of our connected society, including power moving through the electrical grid, oil flowing through pipelines, travelers commuting on rail systems, and systems controlling pharmaceutical and food manufacturing.
The certification program is focused on giving those involved in industrial IT and ICS a way to improve their understanding of, and acquire a command of the principles covered in, the ISA/IEC 62443 series of standards. These standards apply to all key industry sectors and critical infrastructure.
The program consists of four training courses. The fundamentals course is two days in length, while additional three-day courses take deeper dives into risk assessment, design and maintenance. All the courses include extensive high-quality hands-on labs.
“It was an honor for me and my team to work with ISA, to fulfill our mutual vision to develop a practical, standards-based curriculum, that will quickly enable industrial IT and automation professionals with the knowledge and skills needed to protect their companies’ ICS systems,” said John Cusimano, director of Industrial Cybersecurity at aeSolutions. “I am particularly thankful to the ICS vendors who provided ISA with hardware, software and support to make the hands-on labs extremely realistic.”
After attending each course, students may take an exam to demonstrate their command of the material. Students taking all four courses, and passing all four exams, are awarded the title of “ISA/IEC 62443 Cybersecurity Expert.”
In addition to the training materials, the aeSolutions’ industrial cybersecurity team created exercises to take students from a variety of backgrounds and introduce them to a range of technology solutions, such as passive and active vulnerability scanning, intrusion detection, network monitoring, industrial firewalls, white listing, secure remote access, PLC configuration management and system hardening.