This 3-day course provides a comprehensive introduction to the ISA/IEC 62443 standards, focusing on the management perspective for securing industrial automation and control systems (IACS). Participants will gain a solid understanding of the key concepts, structures, and applicability of the standard, and learn how to establish and implement an effective IACS security programme. Covering both foundational knowledge and practical application.
Interested in attending? Have a suggestion about running this event near you?
Register your interest now
Description
- Part 1:
- Foundations of ISA/IEC 62443 (Day 1 and 2)
- Introduction to industrial automation and control systems (IACS)
- Key terms and IACS technologies
- Structure and purpose of the ISA/IEC 62443 family of standards
- Core concepts of ISA/IEC 62443 (based on ISA/IEC 62443-1-1)
- IACS networking and system security requirements
- Maturity levels and security levels
- Threat landscape and typical threat actors in IACS environments
- Areas of special concern unique to IACS
- Foundational requirements (FR) and system requirements (SR)
- Overview of covered standards:
- ISA/IEC 62443-2-1: Establishing an IACS security programme
- ISA/IEC 62443-2-3: Patch management in the IACS environment
- ISA/IEC 62443-3-3: System requirements and security levels
- ISA/IEC 62443-4-3: Security technologies for IACS
- ISA/IEC 62443-4-4: Component security requirements and assurance levels
- Part 2:
- Building an IACS security programme (Day 3)
- Phases of the security programme:
- Establish
- Risk assessment
- Policy development
- Organisation
- Training
- Incident response
- Testing
- Monitoring
- Consideration of related ISA/IEC 62443 standards not covered in detail (e.g. secure product lifecycle and supply chain security)
- Summary of the programme and key takeaways
- Course completion and wrap-up
- Exams and assessments
- After attending the course, you are eligible to apply for sitting the exam. If you successfully pass the exam, you can apply for the “PECB Certified ISA 62443 Lead Implementer” credential. This credential will demonstrate your knowledge and professional capabilities to support and lead disaster recovery teams in implementing disaster recovery strategies based on best practices
- Hands-on learning
- This course includes:
- Scenario-based exercises on building an IACS security programme.
- Group discussions on risk assessment, incident response, and policy development.
- An exam voucher is included with this course.
- Case studies exploring applications of ISA/IEC 62443 in industrial and critical infrastructure environments.
- Guided instructor-led walkthroughs of foundational and system requirements.
Audience
This course is designed for:
- Industrial control system (ICS) engineers
- Automation and control system designers
- Cybersecurity professionals
- IT/OT managers and engineers
- Industrial network administrators
- System integrators
- IACS security analysts
- Risk and compliance managers
- Control system operators
- Maintenance and support personnel in industrial environments
- Professionals working with critical infrastructure resilience (CER)
Prerequisites
Participants should have:
- A basic understanding of industrial automation, control systems, or operational technology.
- Familiarity with cybersecurity concepts and risk management frameworks.
- Experience in industrial environments is recommended but not required