When we think of cyber threats, the first things that come into our minds are identity theft, ransom ware and other cyber-attacks affecting traditional information technology (IT) systems. People tend to forget about cyber threats to operational technology (OT) systems affecting our critical infrastructure everywhere around the globe. Systems that control the operations of our manufacturing plants, chemical plants, water/utilities, power, hospitals, universities, etc. all face cyber threats with potentially devastating consequences.
With emerging new technologies and increasing automation in manufacturing, the importance of security should be recognized more and more. It requires more than just data protection and IT-focused cybersecurity measures. This training program provides a start to oversee the field of cybersecurity in Manufacturing IT and OT environments, and it gives structure to get organized.
By applying the ISA/IEC-62443 (formerly ISA-99) standard, a structured approach to security in manufacturing, both IT and OT, can be set up. The standard defines both a design concept, being Zones and Conduits, and a Security Lifecycle concept based on risk assessments and continuous improvement thinking. In our training this standard will be explained.
Also the US standard NIST.SP.800-171 will be introduced, a self-assessment methodology (called C2M2) and the certification framework from the US Department of Defense (called CMMC).
In this workshop, an approach is presented to implement security effectively and efficiently in manufacturing and automation & control systems. Program and processes of a cybersecurity management system to sustain security are discussed and trained through exercises.
Classroom and Online
Classroom: The program is taught in a classroom environment on a single day.
Online: Instructor lead online version of the same program, delivered in 2 four-hour sessions on 2 consecutive working days.
Certificate
The program comprises several exercises and assignments. A few of them have to be done as homework, requiring up to 2 hours additional time). All participants who complete all assignments will receive the MOMi Education Certificate for this program.
- Introduction
- Why cybersecurity, especially in manufacturing?
- ISA/IEC-62443 (ISA-99) standard
- Exercise: Risk
- Culture
- C2M2 Self-Assessment Model
- Exercise: C2M2 Self-Assessment
- NIST.SP.800-1781 and CMMC certification
- Wrap-Up