Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)

Separate registration fee applies. To register, select this course on the event registration form.

• Onsite/in-person delivery
• Course Dates: 8-9 October 2025, 08:00-16:00
• CEU Credits: 1.4
• A certificate of completion indicating the total number of CEUs earned will be provided upon successful completion of the entire two-day course

Description

Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32) provides a detailed look at how the ISA/IEC 62443 standards framework can be used to protect critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. 

With the move to using open standards, such as Ethernet, Transmission Control Protocol/Internet Protocol (TCP/IP), and web technologies, in supervisory control and data acquisition (SCADA) and process control networks (PCN), systems are being exposed to the same cyberattacks facing corporate information systems, protecting control systems is more important than ever.

Certificate Program: This is a preparatory class for the ISA/IEC 62443 Cybersecurity Certificate Program. The course registration includes the fee for one exam.

Learning Objectives

• Discuss the principles behind creating an effective long term program security
• Interpret the ISA/IEC 62443 industrial security framework and apply them to your operation
• Define the basics of risk and vulnerability analysis methodologies
• Describe the principles of security policy development
• Explain the concepts of defense in depth and zone/conduit models of security
• Analyze the current trends in industrial security incidents and methods hackers use to attack a system
• Define the principles behind the key risk mitigation techniques, including anti-virus and patch management, firewalls, and virtual private networks

Topics Covered

• Understanding the Current Industrial Security Environment: What is Electronic Security for Industrial Automation and Control Systems? | How IT and the Plant Floor are Different and How They are the Same
• How Cyberattacks Happen: Understanding the Threat Sources | The Steps to Successful Cyberattacks
• Creating A Security Program:  Critical Factors for Success/Understanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)- Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
• Risk Analysis:  Business Rationale | Risk Identification, Classification, and Assessment 
• Addressing Risk with Security Policy, Organization, and Awareness: Cyber Security Management System Scope | Organizational Security | Staff Training and Security Awareness
• Addressing Risk with Selected Security Counter Measures: Personnel Security | Physical and Environmental Security | Network Segmentation | Access Control
• Addressing Risk with Implementation Measures: Risk Management and Implementation | System Development and Maintenance | Information and Document Management
• Monitoring and Improving the CSMS: Compliance and Review | Improve and Maintain the CSMS
• Validating or Verifying the Security of Systems: What is being done? | Developing Secure Products and Systems

Classroom/Laboratory Demo

• PCAP Live Capture Analysis

Recommended Resources

Standards

• ISA-62443-1-1-2007, Security for Industrial Automation and Control Systems, Part 1-1: Terminology, Concepts, and Models
• ISA-62443-2-1 (99.02.01)-2009, Security for Industrial Automation and Control Systems, Part 2-1: Establishing an Industrial Automation and Control Systems Security Program
• ANSI/ISA-62443-3‑2-2020, Security for industrial automation and control systems, Part 3‑2: Security risk assessment for system design
• ANSI/ISA-62443-3-3 (99.03.03)-2013, ANSI/ISA-62443-3-3 (99.03.03)-2013 Security for industrial automation and control systems, Part 3-3: System security requirements and security levels
  

Books

• Cybersecurity Library
• Industrial Automation and Control System Security Principles, Second Edition by Ronald L. Krutz, PhD, PE

Recommended Prerequisites

• There are no required prerequisites for taking this course; however, it is highly recommended that applicants have at least one to three years of experience in the cybersecurity field with some experience in an industrial setting. IC32 is a 14-hour boot camp-style class, and there is not much time to teach basic commands and cybersecurity.
• ISA courses: TS07, TS12, or the equivalent knowledge/experience would be beneficial.
• Note from the Instructor: One of the challenges I have had in teaching IC32 is students attending without any or limited knowledge of ISA courses TS07, TS12 or cybersecurity general principles. 

Instructor:

Cameron Hamari
Industrial Cybersecurity Consultant, 
1898 & Co. | A part of Burns & McDonnell

Cameron is a seasoned industrial cybersecurity consultant with eight years of experience in the field. He began his career as a controls engineer specializing in batch programming and water treatment systems. Today, Cameron collaborates closely with clients to strengthen their cybersecurity posture by performing on-site assessments and spearheading the design and implementation of technical controls and compliance solutions. He draws on his academic background in Cybersecurity and holds certifications including Cisco CCNA Industrial, ISA/IEC 62443 Expert, and CompTIA PenTest+. Cameron’s comprehensive expertise enables organizations to navigate complex regulatory landscapes and address their most pressing operational cybersecurity challenges. 

Assessing the Cybersecurity of New or Existing IACS Systems (IC33)

Separate registration fee applies. To register, select this course on the event registration form.

• Onsite/in-person delivery
• Course Dates: 8-9 October 2025, 08:00-16:00
• CEU Credits: 1.4
• A certificate of completion indicating the total number of CEUs earned will be provided upon successful completion of the entire two-day course

Description

Assessing the Cybersecurity of New or Existing IACS Systems (IC33) provides students with the information and skills to assess the cybersecurity of a new or existing industrial automation and control system (IACS); and to develop a cybersecurity requirements specification (CRS) that can be used to document the cybersecurity requirements of the project. 

IC33 focuses on the first phase of the IACS Cybersecurity Lifecycle, as defined in ISA/IEC 62443-1-1 standard. Students learn to identify and document IACS assets and perform a cybersecurity vulnerability and risk assessment to identify and understand the high-risk vulnerabilities that require mitigation. Per ISA/IEC 62443-2-1, these assessments need to be performed on both new (i.e., greenfield) and existing (i.e., brownfield) applications. Part of the assessment process involves developing a zone and conduit model of the system, identifying security level targets, and documenting the cybersecurity requirements in a CRS.

Certificate Program: IC33 is the second course in the ISA/IEC 62443 Cybersecurity Certificate Program. Pass the exam to earn the ISA/IEC 62443 Cybersecurity Risk Assessment Specialist certificate. Course registration includes one exam fee.

Learning Objectives

• Identify and document the scope of the IACS under assessment
• Specify, gather, or generate the cybersecurity information required to perform the assessment
• Identify or discover cybersecurity vulnerabilities inherent in the IACS products or system design
• Interpret the results of a Process Hazard Analysis (PHA)
• Organize and facilitate a cybersecurity risk assessment for an IACS
• Identify and evaluate realistic threat scenarios
• Identify and assess the effectiveness of existing countermeasures
• Identify gaps in existing policies, procedures, and standards
• Evaluate the cost, complexity, and effectiveness of new countermeasures to make meaningful recommendations
• Establish and document security zones and conduits
• Develop a Cybersecurity Requirements Specification (CRS)

Topics Covered

• Preparing for an Assessment
• Security lifecycle
• Scope
• System architecture diagrams
• Network diagrams
• Asset inventory
• Cyber criticality assessment

Cybersecurity Vulnerability Assessment

• Risk
• Types of cybersecurity vulnerability assessments
• High-level assessments
• Passive and active assessments
• Penetration testing
• Conducting high-level assessments
• Assessment tools
• Cyber Security Evaluation Tool (CSET)
  

Instructor:

Tim Gale
Director of Industrial Cybersecurity, 
1898 & Co. | A part of Burns & McDonnell

Tim Gale is a Director of Industrial Cybersecurity at 1898 & Co., bringing over 30 years of expertise in deploying Industrial Control Systems (ICS) across various sectors. He is a certified ISA/IEC 62443 Cybersecurity Expert and Instructor. He is recognized for his contributions to significant publications such as the DOE’s “Cyber Informed Engineering Implementation Guide” and the “ICS Security Top 20 Practices.” Tim leads a dedicated team that develops robust security and resilience strategies for operational technology environments, utilizing ISA/IEC 62443 and Cyber Informed Engineering (CIE) principles throughout all project phases. His extensive experience positions him as a thought leader in enhancing cybersecurity measures within critical industries.