Security for Automation, SCADA and DCS systems is a hot topic in our sector. Recent news reports about hackers infiltrating public utility control systems has brought renewed attention to the importance of security our all-important water/wastewater infrastructure. As part of the WWAC symposium, we are offering a timely automation security course that gives an overview of why automation security is needed, how to identify potential risks, and how to go about putting a program in place to mitigate risks. The course also provides an introduction with the ANSI/ISA99 Automation Security Standard, which is a very helpful tool for establishing an automation security program at your facility.
Introduction to Industrial Automation Security and the ANSI/ISA99 Standards (IC32C)
Date: Tues, August 7, 2012
Instructor: Bryan Singer
Length: 1 day
CEU Credits: 0.7
Course Hours: 8:00 a.m. – 3:30p.m.
Register: Introduction to Industrial Automation Security and the ANSI/ISA99 Standards (IC32C) – FL
Cost: $630 ($495 for ISA members)
CEUs and PDHs:
Attendees can receive one of:
- 0.7 CEUs (approved by IACET, issued by the ISA) – for jurisdictions outside of Florida, and for ISA members
- 0.7 CEUs (approved by the Florida DEP, issued by the FSAWWA, course# 05134002) – for Florida-licensed water or wastwater operators
- 7.0 PDHs(approved by the Florida DEP, issued by the FSAWWA, course# 05134002) – for Florida-licensed engineers
Understanding how to secure factory automation, process control, and Supervisory Control and Data Acquisition (SCADA) networks is critical if you want to protect them from viruses, hackers, spies, and saboteurs.
This seminar teaches you the basics of the ANSI/ISA99 Security for Industrial Automation and Control Systems standards and how these can be applied in the typical factory or plant. In this seminar, you will be introduced to the terminology, concepts, and models of ANSI/ISA99 CyberSecurity. As well, the elements of creating a CyberSecurity management system will be explained along with how these should be applied to industrial automation and control systems.
After taking the course you will be able to:
- Discuss why improving industrial security is necessary to protect people, property, and profits
- Define the terminology, concepts, and models for electronic security in the industrial automation and control systems environment
- Define the elements of the of ISA99 Part 2: Establishing an Industrial Automation and Control Systems Security Program
- Define the core concepts of risk and vulnerability analysis methodologies
- Define the concepts of defense in depth and the zone/conduit models of security
- Explain the basic principles behind the policy development and key risk mitigation techniques
- Explain why improving industrial security will be necessary to protect people, property, and profits
The course will cover:
Understanding the Current Industrial Security Environment: What is Electronic Security for Industrial Automation and Control Systems? | Trends in Security Incidents
How IT and the Plant Floor are Different and How They are the Same
Current Security Standards and Practices
Creating A Security Program: Critical Factors for Success | Understanding ISA99 Part 2: Establishing an Industrial Automation and Control Systems Security Program
Using ISA99.00.02—Risk Analysis: Business Rationale | Risk Identification, Classification, and Assessment
Using ISA99.00.02—Addressing Risk with Security Policy, Organization, and Awareness: CSMS Scope | Organizational Security | Staff Training and Security Awareness | Business Continuity Plan | Security Policies and Procedures
Using ISA99.00.02—Addressing Risk with Selected Security Counter Measures: Personnel Security | Physical and Environmental Security | Network Segmentation | Access Control: Account Administration, Authentication, and Authorization
Using ISA99.00.02—Addressing Risk with Implementation Measures: Risk Management and Implementation | System Development and Maintenance | Information and Document Management | Incident Planning and Response
Using ISA99.00.02—Monitoring and Improving the CSMS: Compliance and Review | Improve and Maintain the CSMS
Includes ISA Standards:
- ANSI/ISA99.00.01-2007 – Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts, and Models
- ANSI/ISATR99.00.01-2007 – Security Technologies for Industrial Automation and Control Systems
- ANSI/ISA99.02.01-2009 – Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
If you wish to register offline, download the Training Registration Form, complete, and return to ISA with your payment.
Not sure this particular course is for you?
A pre-instructional survey is available for you to evaluate your level of understanding of the course material and to show you the types of questions you’ll be able to answer after completing the course.
About the Instructor
Bryan Singer, CISM, CISSP is a principal consultant with Kenexis Consulting Corporation and vice-president of Kenexis Security Corporation. He has over 15 years experience in information technology security including 7 years specializing in industrial automation and control systems security, critical infrastructure protection, and counter-terrorism. Mr. Singer’s background focuses on software development, network design, information security, and industrial security. Industry experience includes healthcare, telecommunications, water/wastewater, automotive, food and beverage, pharmaceuticals, fossil and hydro power generation, oil and gas, and several others. Mr. Singer has specialized in process intelligence and manufacturing disciplines such as historians, industrial networking,
Power and Energy Management (PEMS), Manufacturing Enterprise Systems (MES), Laboratory
Information Management Systems (LIMS), Enterprise Resource Planning (ERP), Condition Based Monitoring (CBM) and others.
Mr. Singer is the founding chairman and now co-chairman of ISA99, Industrial Automation and Control Systems Security Standards Committee, a standards body focusing on the security issues of the control systems environment. He is also a US Technical Expert to multiple IEC standards bodies, a representative to the Idaho National Labs Recommended Practices Commission, a previous board member to the US Department of Homeland Defense’s Process Control Systems Forum (PCSF), and is active globally as an industry advocate in industrial security and critical infrastructure protection. Mr. Singer has experience working in industrial automation and critical infrastructure sectors – such as Power & Energy, Oil & Gas, Transportation and Water. Mr. Singer has a Bachelors’ Degree in Computer Information Systems from Phoenix University, and holds the CISSP and CISM certifications. He is chairman of the ISA99, Manufacturing and Control Systems Security Standards Committee.
More information about the course can be found on the ISA training website.