Essentials for NERC Critical Infrastructure Protection Training

Print Friendly, PDF & Email
Introduction

Essentials for NERC Critical Infrastructure Protection Training Course with Exercises

The Essentials for NERC Critical Infrastructure Protection Training 5-day course empowers students with knowledge of the "What" and the "How" of the Version 5/6 standards. The Essentials for NERC Critical Infrastructure Protection Training course addresses the role of FERC, NERC and the Regional Entities, provides multiple approaches for identifying and categorizing BES Cyber Systems and helps asset owners determine the requirements applicable specific implementations.

Additionally, the Essentials for NERC Critical Infrastructure Protection Training course covers implementation strategies for the Version 5/6 requirements with a balanced practitioner approach to both cybersecurity benefits, as well as regulatory compliance.

Duration: 5 days

Essentials for NERC Critical Infrastructure Protection Training Related Courses

Customize It

• We can adapt this Essentials for NERC Critical Infrastructure Protection Training course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this Essentials for NERC Critical Infrastructure Protection Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Essentials for NERC Critical Infrastructure Protection Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Essentials for NERC Critical Infrastructure Protection Training course in manner understandable to lay audiences.

Audience / Target Group

Individuals with CIP responsibilities in the following areas:

• IT and OT (ICS) cybersecurity
• Field support personnel
• Security operations
• Incident response
• Compliance staff
• Team leaders
• Governance
• Vendors / Integrators
• Auditors
• Computer emergency response teams

Objectives:

After completing this Essentials for NERC Critical Infrastructure Protection Training course, attendees will be able to:

Essentials for NERC Critical Infrastructure Protection Training - Course Content:

Asset Identification and Governance

• Regulatory History and Overview
• NERC Functional Model
• NERC Reliability Standards
• CIP History
• Terms and Definitions
• CIP-002: BES Cyber System Categorization
• CIP-003: Security Management Controls

Access Control and Monitoring

• CIP-005: Electronic Security Perimeter(s)
• Interactive Remote Access
• External Routable Communication and Electronic Access Points
• CIP-006: Physical Security of BES Cyber Systems
• Physical Security Plan
• Visitor Control Programs
• PACS Maintenance and Testing
• CIP-014: Physical Security

System Management

• CIP-007: System Management
• Physical and Logical Ports
• Patch Management
• Malicious Code Prevention
• Account Management
• CIP-010: Configuration Change Management and Vulnerability Assessments
• Change Management Program
• Baseline configuration methodology
• Change management alerting / prevention

Information Protection and Response

• CIP-004: Personnel & Training
• Security Awareness Program
• CIP Training Program
• PRA Evaluation Process
• CIP-011: Information Protection
• Information Protection Program
• Data Sanitization
• CIP-008: Incident Reporting and Response Planning
• Incident Response Plan/Testing
• Reporting Requirements
• CIP-009: Recovery Plans for BES Cyber Systems
• Recovery Plans
• System Backup

CIP Process

• CIP Processes for Maintaining Compliance
• Preparing for an Audit
• Audit Follow Up
• CIP Industry Activities
• Standards Process
• CIP of the Future

Request More Information

Time Frame: 0-3 Months4-12 Months

No Comments Yet.

Leave a comment

0