Become a Certified Industrial Cybersecurity Professional CICP®

This is the best ICS Security course/ OT Cybersecurity training course that you can find anywhere!

    • Self paced, modular online e-learning course that you can start now
    • Free exam and certification when you take the course and pass. Earn the CICP® title that you can display against your name.
    • Easy to understand, with graphics, animations and exercises; it is not just a video of some guy talking.
    • Covers IEC 62443 standards
    • Highly Cost Effective for professionals as compared to similar certification programs by other providers


Learn all about ICS Cyber Security and become a Certified Industrial Cybersecurity Professional (CICP®)

Take this Abhisam online course now and learn all about ensuring Industrial Control System security, SCADA security and Safety Instrumented System security.

After completing the course and passing the exam and assignment, you can become a Certified Industrial Cybersecurity Professional – CICP®

Industrial Control Systems, known as ICS for short, include control systems such as DCS, PLC, SCADA based systems, as well as Safety Instrumented Systems (SIS). They are the crucial systems that control industrial plants & machinery and keep them safe. They do not include IT (Information Technology) systems such as ERP or MIS.

Where are Industrial Control Systems (ICS) used?

These ICS are used in many industries. Manufacturing plants, critical infrastructure (such as the electrical grid, pipelines, power generation, water distribution and other utilities), marine (ships & other vessels), railways, nuclear power plants, thermal power plants and renewable power generation plants all make extensive use of industrial automation and safety systems. These are also known as Industrial Automation Control Systems (IACS) or as OT (Operational Technology). Protecting these systems from cyber attacks is known as OT security.

This is distinct from IT security, which is the technology used to protect Information Technology systems such as Banking, Stock Market systems, currency trading systems or corporate ERP systems.

Why is OT Security important?

Today the threat environment has changed. Many of the manufacturing plants and much of the critical infrastructure that exist today were built many years ago. At that time, a typical control system was not built for resilience against malicious attacks, and even today many of these ICS environments use older operating systems for their Human Machine Interface (operator and engineering stations). Industrial Control Systems in older plants may run on very old operating systems and software, which may be difficult to upgrade and patch.

For asset owners, this is a huge problem because an attack on an IACS may result in an accident that causes damage to assets, people and the environment, which is not affordable because of stringent laws and regulations. On the other hand, malicious actors can easily attack plant assets (not just computer hardware but actual process equipment) via the industrial networks that monitor and control them, because a lot of data about vulnerabilities of DCS, PLC, SCADA and similar systems is easily available online.

When malicious entities target and attack your control system, you may:

      • Lose your Intellectual Property (data such as batch recipes, setpoints, process data, production figures and yield ratios) that is stored in the ICS environments

      • Put your assets at risk (the breached Industrial Control Systems may execute unwanted actions that can cause fires, explosions and environmental damage)

      • Have ransomware dropped on your IT networks through their interconnection with the industrial networks

      • Damage your organization’s reputation and market capitalization

      • Run afoul of the law

Asset owners may need to prepare an incident response protocol, along with other professional support services, that takes the above into account.

Key Benefits of the Course

Earn Certificates and Badges

Industrial Cybersecurity Professional badge
Certified Industrial Cybersecurity Professional

Testimonial

 

“I am working in one of the world’s leading EPC companies, engaged in the Cement and Mining industry. We purchased the ICS CYBER SECURITY TRAINING & CERTIFICATION e-learning courses. I found this course to be very informative and easy to understand. I and my colleagues completed the course successfully and got the certificates and badges. I personally recommend this course to whoever is interested in learning about Industrial Control System Cybersecurity.

I wish success for Abhisam team for their great work.”

D. Anbudurai, FLSmidth

Free Industrial Cybersecurity Report

Download the Abhisam Industrial Cybersecurity report now. No sign up required.

Who should take this course?

This course can be taken by anybody wishing to learn about OT Security. You need to know the basics of computer system networks.  The following roles will find this especially useful:

    1. Instrument, Control Systems or Automation Engineers with experience in industry.
    2. IT security professionals who wish to expand their domain into OT security.
    3. IT professionals who wish to know about OT security.

Choose from any of the versions.

Scroll below to see complete contents.

Standard

For one learner
$ 595
  • All Modules
  • Access the course for 1 year
  • Earn a Certificate and 50 PDH
  • Earn the Title of CICP®

Get Trial Access to all Abhisam courses, including this Industrial Cybersecurity course (Standard) for $7. You will NOT be billed automatically after trial ends.

Professional

For one learner
$ 795
  • Everything in Standard
  • Additional modules on IEC 62443-2-4 & Supply Chain Cybersecurity
  • Access the course for 3 years
  • Earn a Certificate and 70 PDH
  • Earn the Title of CICP®

Professional (Payment Plan)

For one learner
$ 205 X 4
  • Monthly affordable Installments
  • Pay in 4 installments of $205 each
  • Everything in Professional

Table of Contents

This gives an outline of the course contents. For a detailed list of what is included, please refer to the CICP Course Brochure. Note that new content is added regularly and all the newly added content may not be listed here.


This module is to introduce you to the subject of Industrial Cybersecurity.

Overview of Industrial Automation & Control Systems (DCS/PLC/SCADA/SIS)

  • Introduction to Industrial Control Systems

  • Industrial Control Systems Application Areas

  • Cyber physical systems

  • Evolution of Industrial Control Systems

  • Pneumatic Controllers

  • Single Loop Controller architecture

  • Control Rooms

  • Control Room & Field

  • Analog Electronic Signals

  • Traditional Controls

  • Point to Point Architecture

  • DDC to DCS

  • DCS

  • DCS as a group of controllers

  • DCS Connection to field devices

  • Fieldbus

  • MODBUS

  • Programmable Logic Controllers

  • PLC HMI

  • SCADA

  • PLC-SCADA

  • Safety Instrumented Systems

  • SIS Cybersecurity

  • Typical Industrial Control System Architecture

  • Automation Hierarchy

  • Conclusion

Basic Concepts of Cybersecurity

  • Cybersecurity Basics

  • Cybersecurity Policy

  • Authorized Access

  • Unauthorized Access

  • Brute Force Attacks

  • Secure Communication

  • Authentication

  • Non Repudiation

  • Encryption

  • Public and Private Keys

  • Locking and Unlocking

  • Public Key Cryptography

  • Digital Signature

  • Defense in Depth

  • Privileges

  • Role of Malware

  • Understanding malware delivery

  • Attack Surface

  • Threats & Vulnerabilities

  • Viruses

  • Worms

  • Trojans

  • Types of Trojans

  • Ransomware

  • Scareware

  • Spyware

  • Command & Control

  • Firewalls

  • Firewall Basic Working

  • Classes of Firewalls

  • Deep Packet Inspection Firewalls

  • Intrusion Detection Systems

  • Denial of Service

  • Distributed Denial of Service

  • Telephonic Denial of Service

  • Penetration Testing

  • Backdoors

  • Backdoor Example

  • Demilitarized Zone

  • Privilege Escalation

  • Network Hardening

Threats to IACS

  • Introduction

  • Threats to IACS

  • IACS Threat Severity

  • Vulnerability Causes

  • Increased Connectivity

  • Insecure by design

  • Use of COTS

  • Shodan

  • Skill Levels needed

  • Lack of awareness

  • Predisposing Conditions

  • Four Steps to an Attack

  • Vectors

  • Phishing

  • Spear Phishing

  • Social Engineering

  • Fake Profiles

  • Insecure Connections & Firewalls

  • Malicious Websites

  • Waterholing

  • Fake Updates and Pirated Software

  • USB Drives

  • Devices and Software with Vulnerabilities

  • Buffer Overflow

  • SQL Injection

  • APT

  • Port Scanning

  • Cross Site Scripting

  • Packet Sniffing

  • Zero Day Exploits

  • Exploit Markets

  • IACS Attack Categories

  • ICS Targeted attacks

  • Attack Sequence of Events

  • Man in the middle attack

  • MITM in ICS

  • Denial of Service

  • Replay attack

  • Spoofing

  • Blended Attacks

  • More Information

IACS  & OT Security Standards

  • Introduction

  • ISA99- Purdue Model

  • IEC 62443 Standard

  • Overview of IEC 62443
  • Foundational Requirements of IEC 62443
  • ANSI/ISA/IEC 62443 Standard Organization

  • Zones, Conduits and Security Levels

  • Zone partitioning Case Study

  • Security Level Types

  • Security Levels

  • IEC 62443-2
  • IEC 62443-3
  • IEC 62443-4
  • Cybersecurity Management System & Incident Response
  • ISA Secure Scheme

  • ISO 31000

  • ISO 27000

  • IEC 61508

  • IEC 61508 implementations

  • IEC 61511

  • IEC 61511- More clauses

  • SIS Implications

Risk Assessment & Risk Management

  • Introduction

  • ABC Industries Risk Assessment

  • Risk Assessment & Mitigation

  • Non Safety Consequences

  • Risk Assessment Process

  • Security Vulnerability Analysis

  • IACS Evaluation

  • Initial Risk Assessment

  • Threat Assessment

  • IACS Vulnerability

  • Consequence Analysis

  • Example Calculation

  • Tolerable Risk

  • Modification-Small Site

  • Modification-Medium Site

  • Modification-Large Site

  • Modification-Remote Site

  • Seven Steps

  • Second Risk Assessment

  • Periodic Assessment

  • Cyberattack Mitigation

This module explains the IACS cybersecurity lifecycle. It has 10 sections as below:

1. People, Policies, Procedures & Standards

    • Roles & Responsibilities
    • Use Least Privilege
    • Privilege Escalation
    • Standards
    • Recommended Practices
    • Technical Reports
    • Which Standards to use
    • IEC 62443, NIST 800-82 and NERC CIP

2. Hazard and Risk Assessment

    • Example
    • Overfill Prevention System
    • OPS Vulnerability
    • Risk Assessment Techniques
    • Consequences
    • Risk Matrix based techniques
    • Types of Risk Matrices
    • Security Vulnerability Analysis

3. Asset Inventory Management

    • What are IACS Assets
    • Other IACS related systems
    • Software tools
    • Asset Monitoring
    • Sample format

4. Training & Competency Management

    • Introduction
    • Training IACS related personnel
    • Types of training
    • Competency Management

5. Secure Architecture, Devices, Configuration and Software coding practices

    • Introduction
    • Secure Architecture
    • Firewalls and Unidirectional Gateways-1
    • Firewalls & UGWs-2
    • How unidirectional gateways work
    • Internet facing devices
    • Portable IACS Devices
    • Vendor brought portable IACS devices
    • Secure configuration
    • Secure software
    • Top 20 coding practices for PLCs

6. Intrusion Detection & Prevention

    • Intrusions
    • Intrusion Detection Methods
    • Intrusion Detection System (IDS)
    • Anomaly detection
    • Hybrid detection technique
    • Example IDS working
    • Other signs of intrusion
    • Perimeter security

7. Event Logging & Analysis

    • What is event logging in IACS
    • Importance of ICS event logs
    • Trigger events
    • Clocks and Time stamping systems
    • Time synchronization and Network Time Protocol (NTP)
    • Time servers
    • IACS Event logging coverage
    • Log access Permissions
    • Data Historians

8. Incident Response

    • Incident Response capability
    • Incident Response Planning
    • Incident Response organization
    • Integration with site Emergency Plan
    • Incident Response Team composition
    • Incident Response Team Roles and Responsibilities
    • Incident Response Policy
    • Incident Response Procedures
    • Incident Recognition
    • Containment
    • Remediation
    • Recovery

9. Backup & Restore

    • Why separate IACS Backup and Recovery
    • IACS Backup and Recovery Plan
    • Disaster Management
    • Automated backups
    • Backup Testing
    • Backup before patching
    • Backup after patching
    • Backup services from IACS vendors
    • Backup locations
    • Vulnerabilities in automatic backup systems
    • Case Study- Automatic Backup System vulnerability

10. Patch Management & Testing

    • History of IACS patching
    • Current state of IACS patching
    • Patching Vulnerabilities
    • Patch creation
    • Why patch management?
    • IEC 62443-2-3 patch management
    • Setting up an organization
    • Which devices to patch
    • Tracking new patches
    • Support lifecycle
    • Patch applicability
    • Patch authenticity verification
    • Patch deployment
    • Rollbacks
    • IACS Vendor supported automated patch management
    • Testing the patch deployment
    • When patches cannot be applied
    • Compensating Controls

Case Study

Learn in detail about Stuxnet, the most infamous industrial cyberattack to date. This is a must-know module for security professionals.

In this module, we will view a demo of an attack on an Industry leading PLC using freely available tools.

Advanced Industrial Cybersecurity Modules-1

These are essential to know for security professionals and are in Standard as well as Professional versions

  • Understanding the Cyber Kill Chain for ICS security

  • Understanding the MITRE ATT&CK Matrix

  • ICS Honeypots

  • Other ICS device search engines like Shodan

  • Self Assessment for Advanced Module

The Advanced Module 2 is only available in the Professional version. This consists of the following modules:

  1. Understanding IEC 62443-2-4 compliance
    In this module, understand every detail of the IEC standard 62443-2-4. This is very useful for IACS vendors and system integrators to know how to comply with various aspects of this part of the standard. It is also useful for Asset Owners to know what to expect from a vendor when they follow this standard. Also, OT security auditors can understand how to check compliance to this part of the standard.
  2. IACS Supply Chain Cybersecurity.
    This is a very important part of OT Cybersecurity which covers both hardware and software aspects, such as SBOM (Software  Bill of Materials) of Industrial Automation, Control and Safety Systems.

Be part of the Abhisam Cybersecurity Thriller!

Be part of the Red Team or Blue Team in this exercise that involves a manufacturing process and a control system.

(Coming Soon)

Before you take the Certification Exam you can take this mock test for practice.

After completing all the modules, you can take the exam. On passing, earn the title of CICP-Certified Industrial Cybersecurity Professional.

Still Have Questions? No Problem, Here's A List Of Our Most Frequently Asked Questions (FAQ).

What is this? Is it just a power point presentation?

No, it is NOT a PowerPoint presentation at all! It is a full-fledged, comprehensive e-learning course that we call an XPRTU. It has text, graphics, animations, videos and exercises that form a complete learning course.

 

How do I get certified as a CICP®?

Complete all modules of the Abhisam Industrial Cybersecurity Course, pass the online exam within the validity of the license period and complete the assignment, after which you get a Certificate of Competency in Industrial Cybersecurity, the CICP® certificate and an electronic badge that you can display online in places such as LinkedIn. You also get the right to use the CICP® designation, which is a great way to demonstrate your knowledge and competency to your bosses, peers and clients/customers.

What does the $7 trial include?

The $7 trial includes trial access to ALL the courses in the Abhisam Catalog for a limited time.

After the trial is over you can choose to either buy an individual course OR subscribe to the GOLD or PLATINUM membership plans.

Your card will not be billed automatically.

 

Which versions are available?

This course is available in the Standard version, Professional Version and the Enterprise version.

The Standard version gives you 1 year online access to the modules, exam and certification as a CICP® (on passing).

The Professional version has additional modules such as IEC 62443-2-4 compliance and Supply Chain Cybersecurity, and gives you access to the course for a period of 3 years, along with the exam and certification as a CICP® (on passing). Once you complete all modules and pass the exam, you can use the CICP® designation, e.g. John Smith, CICP.

 

What is the Enterprise version?

This is meant for organizations with 10 or more learners.  The Enterprise version enables your manager to have a Dashboard where they can view Learner Progress at a granular level. Contact Us for a free trial.

What is the Abhisam GOLD membership?

When you subscribe to the Abhisam GOLD membership, you get access to all the courses in the GOLD plan, by paying just one low monthly subscription.

You can also get a free certification exam every month. If you are interested in taking a bunch of courses, then the GOLD membership gives you an affordable plan to do this. This is available to individuals only.

What is the Abhisam Platinum membership?

This is meant for organizations with multiple learners. When you subscribe to the Abhisam Platinum membership, your learners get access to all the courses in the Abhisam Catalog, by paying just one low Enterprise yearly subscription. You can also get a free certification exam every month.  Additionally you also get a Dashboard where your Training Manager can see the progress of the learners, such as learner module completion, login times, test scores, etc.

What is the ordering process?

When you click on the Buy Now button, you will be taken to the Fast Spring  secured payment site. Ordering is completely secure. You can pay online by either Credit Card or wire transfer/manual order. Note that you will get the license key to activate only after payment is processed.

Still Have Questions?

No Problem. Contact Us by filling the form below and we will get back to you.

Free Industrial Cybersecurity White Papers

IEC 62443 Training

IEC 62443 is one of the main Industrial Cybersecurity standards today. It is officially known as ANSI/ISA/IEC 62443. It is not one single document, but a set of standards and practices, technical publications directed at various stakeholders such as Asset Owners, IACS vendors, IACS system integrators and other entities who are involved in the design, installation, commissioning and maintenance of Operational Technology (OT) systems.

Questions?

Contact Us by filling the form below OR call us OR email


Just get this Confined Space Safety e-learning course today and get trained in working safely in confined spaces.

Note that it includes all the knowledge that you need to have to know how to work safely in confined spaces.

Can I not get this information free from elsewhere?

There is a common myth: “Just Google it”

It is a myth that you can simply Google for Confined Space information and get everything that you need to know.

Most likely you will get a large number of occupational safety articles and information, some videos, some power point slides, but much of the information may be in bits and pieces.

While you can get some basic information about confined space safety from these sources, it may not be complete. Even if you do find enough material, it will take you a long time to sequence it all together in one coherent document that makes sense to you.

Even after doing all this, there is a possibility that you may not get what you really need to know from an OSHA compliance perspective.

Plus you will spend several hours of your time doing all this for zero returns on your investment!

On the other hand, when you take this Abhisam Confined Space safety course, you know that

    1. It is very carefully made, with subject matter experts in the field of Occupational Safety, Process Safety & Industrial operations who have spent decades in the actual field creating permit systems, investigating incidents and streamlining methods to reduce or eliminate confined space safety accidents.
    2. It utilizes easy graphics, animations and simulations, and real-life examples of dos and don'ts and correct and incorrect practices, that enable you to understand everything easily.
    3. You earn a Certificate when you pass the associated exam and also get an electronic badge that can be displayed online in places such as LinkedIn. Get Noticed.

Can I not simply buy a book? That will be much cheaper!

Of course, you could always pass this up and decide to buy a book on this topic, but remember that there are some disadvantages with this approach:

    1. The first is that not a single book is available that covers all the topics that you need to know. On the other hand, there will be many books on general workplace safety, occupational safety and permit systems that may be relevant only to those working in normal workplaces, not those having confined spaces.
    2. Some of these books may be outdated and obsolete.
    3. Nobody gives you a certificate if you simply read a book!

 

What does the $7 trial include?

The $7 trial includes trial access to ALL the courses in the Abhisam Catalog for a limited time, including this Confined Spaces Safety course.

After the trial is over you can choose to either buy an individual course OR subscribe to the GOLD or PLATINUM membership plans.

Your card will not be billed automatically.

Which versions are available?

This course is available as either stand alone (select the Standard version above), Professional, or as part of the Abhisam GOLD membership level.

The Standard version allows you to access the course online from any device (PC/tablet/smartphone) that has an internet connection and a browser that supports HTML 5 (such as Mozilla Firefox, Google Chrome, Internet Explorer, Microsoft Edge, Opera, etc). You can access the course for a period of one year, within which you need to take the exam to earn a Certificate (electronic). You will also earn an electronic badge that can be displayed online on LinkedIn and similar portals.

The Professional version allows you access to the course for 3 years online. You will also earn an electronic badge that can be displayed online on LinkedIn and similar portals.

The content in the Standard and Professional versions is the same.

What is the Abhisam GOLD membership?

When you subscribe to the Abhisam GOLD membership, you get access to all the courses in the Abhisam Catalog, by paying just one low monthly subscription with no commitment as you can cancel anytime. You can also get a free certification exam every month. If you are interested in taking a bunch of courses, then the GOLD membership gives you an affordable plan to do this. This is available to individuals only.

What is the Abhisam Platinum membership?

This is meant for organizations with multiple learners. When you subscribe to the Abhisam Platinum membership, your learners get access to all the courses in the Abhisam Catalog, by paying just one low Enterprise yearly subscription. You can also get a free certification exam every month. 

Additionally Platinum membership gives you a Dashboard where your Training Manager can see the progress of the learners, such as learner module completion, login times, test scores, etc.