EFSTAS Ltd. - United Kingdom, is an accepted course provider of the TÜV Rheinland Cyber Security Training Program.
The objective of the course is to provide participants with a fundamental understanding of the principles of IACS Cybersecurity Risk Assessment in the process industries according to IEC 62443 and to understand:
Successful participants, who have sufficient experience and pass both the fundamentals and Security Risk Assessment exam, will be eligible for the prestigious CySec Specialist (TÜV Rheinland) certificate in Security Risk Assessment.
The course is based around a practical case study that will be developed across the three days of the course taking the delegate through the SRA process. The course is a modular structure of classroom tuition followed by a case study practical, which will take the participant through the SRA process as identified in IEC 62443-3.2.
Day four consists of a four-hour two-part examination based on a multiple choice and an Open SRA examination.
Provides the introduction to the background, concepts and principles to be applied to the Security Risk Assessment, competency, compliance, security management and the relevant international standards. The Security Risk Assessment using a risk matrix will be discussed as well as the introduction to the case study.
The topics covered are:
Further develops on the concepts, principles and techniques carried out in day one and the case study work by taking the output from the High-Level SRA and evaluates the risks based on their likelihood and consequence and prioritizes them for examination in the Detailed-Level SRA. The second day also includes an explanation of what outputs would be expected from the High-Level SRA. The principles and activities of the Zoning and Conduit sections of the IEC 62443 will also be explained
The topics covered are:
Develops on the case study work carried out in day one and two taking the outputs from the High-Level SRA and the Zone and Conduit exercise and then examining the prioritised risk zones in detail in the Detailed-Level SRA. Also covered is the relation between the Detailed-Level SRA and Attack Trees and how they may be used in both the risk assessment and the effective implementation of the countermeasures/security controls.
A four (4) hour two-part competency examination compromising:
Part 1 = 30 multiple-choice questions (1 mark each question);
Part 2 = Open-Ended exam with 7 questions (10 marks each question).
The pass score criterion is 75%
Functional, Process and Technical Safety Engineers, Control and Instrument Engineers and Managers, Process Engineers, Operations personnel and Managers, Maintenance staff, consultants, advisors and persons involved in Management, Engineering, Operations and safety of process operations. In addition, persons with PH&RA experience and who are currently involved in Process Hazard and Risk Analysis, and will be required to take part in the Security Risk Assessments and Cybersecurity Requirements Specification.
In accordance with the TÜV Rheinland Functional Safety and Cyber Security Program:
From £1950 GBP (Euro €2100) per participant