Process Control Cyber - Security

An Intensive 5 - Day Training Course

Process Control Cyber - Security

Securing your Oil & Gas Assets

Scheduled Dates

18 - 22 Sep 2022 Dubai - UAE $4,950
Enroll Now In-House Options

Are the scheduled dates matching with your needs?

We provide a wider range of training options. Tailored and customized, we can deliver your organization’s training needs anytime, anywhere.

Why Choose this Training Course?

Why Choose this Training Course?

This PetroKnowledge Process Control Cyber-security training course will address the most important issues related to the protection of assets in a process control environment. Unlike traditional IT (information technology) systems, process control assets include IACS (industrial automation and control systems) which need to be protected.

Recently, three out of four organizations in the oil and natural gas industry in the Middle East have experienced a security compromise that resulted in the loss of confidential data or operational technology (OT) disruption. This is according to a recent study by Siemens and the Ponemon Institute. Another finding in the report is that – organizations believe that roughly one in every two cyberattacks against the OT environment actually goes undetected. The report also notes that the oil and gas industry is the target of as much as one-half of all cyber attacks in the Middle East and given its importance for the region’s economies, the risks faced by the industry are all the more pressing. OT, which encompasses systems that monitor and control physical devices and industrial processes, is increasingly interconnected with IT networks. In spite of all its benefits, this IT/OT convergence is opening up new avenues for attacks.

This PetroKnowledge training course will highlight:

  • Process control assets to be protected
  • The Current Industrial Security Environment
  • The process control security standard IEC 62443
  • Risk assessment and cyber-security counter-measures
  • Application diagnostics, troubleshooting, and incidence response

What are the Goals?

What are the Goals? 

At the end of this PetroKnowledge training course, you will learn to:

  • List what process control assets need to be protected
  • Understand the Current Industrial Security Environment
  • List and explain the main components of the process control security standard IEC 62443
  • Understand how to perform risk assessment and apply cyber-security counter-measures
  • Learn how to perform application diagnostics, troubleshooting, and incidence response

Who is this Training Course for?

Who is this Training Course for?

This PetroKnowledge training course is suitable to a wide range of professionals but will greatly benefit:

  • Operations and maintenance personnel
  • Process control operators, engineers
  • Process, Plant, and Project managers
  • Process engineers and mangers
  • Instrumentation technicians and engineers
  • System Integrators
  • IT/OT engineers and managers industrial facilities
  • IT/OT corporate/security professionals
  • Plant Safety, Security, and Risk Management
  • Security personnel in all categories
  • Any individual that needs to address issues in the ever expanding and complex field of cyber-security in the industrial environment

How will this Training Course be Presented?

How will this Training Course be Presented? 

This PetroKnowledge Process Control Cyber-security training course will utilize a variety of proven adult learning techniques to ensure maximum understanding, comprehension and retention of the information presented. This would include, but not be limited to, effective presentations, open discussions, simulations, paper exercises, individual and group exercises, as well as small subject evaluations at the completion of every chapter. Delegates will receive a comprehensive manual, as well as a PDF document containing the presentation slides. Questions are encouraged at all times.

Organisational Impact

Upon returning to their organization, delegates will be able to contribute to the successful execution of the following tasks and capabilities:

  • Discovering of threats, vulnerabilities affecting a process or plant
  • Performing appropriate asset identification and impact assessment
  • Using and implementing the standard IEC 62443
  • Performing appropriate risk analysis and risk identification
  • Addressing security risks
  • Protecting process and plant assets
  • Implementing process control security counter-measures.
  • Performing application diagnostics and troubleshooting
  • Implementing cyber-security operating procedures and incident response
  • Implementing a cyber-security process
  • Having staff that can make valuable input pertaining to Cyber-security Operating Procedures & Tools and Incident Response

Personal Impact

On this PetroKnowledge training course, participants will gain knowledge and learn to apply themselves, fully, in matters pertaining to Process Control Cyber-security. Such skills and knowledge should result in better career prospects within the organization and will play a meaningful role in their abilities to be leaders in their field of expertise.

From a personal impact point of view, this PetroKnowledge training course will increase your knowledge and experience involving:

  • Cyber-security principles
  • The main cyber-security standards
  • Cyber-security best practices
  • The main cyber-security counter-measures
  • Techniques for cyber-security diagnostics and troubleshooting
  • Cyber-security operating procedures & tools
  • Procedures for cyber-security incident response
  • Your ability to show to your organization that you are a valuable team member, and that you can be further developed for senior roles, where necessary

In addition, delegates will have an opportunity to share cyber-security experiences and knowledge with fellow delegates and the Instructor.

Daily Agenda

Day One: Introduction and Cyber-security Fundamentals 

  • Introduction to process control cyber-security
  • Understanding the Current Industrial Security Environment
  • How IT and OT (operational technology) in the Plant Floor are Different and How they are the Same
  • Overview of Process control
  • Overview of Industrial communication systems and networks
  • How Cyber-attacks Happen:  Threats, vulnerabilities, attacks
  • Asset identification and impact assessment

Day Two: Introduction to the IACS Cyber-security Life-cycle & ISA99/IEC 62443 

  • Identification & Assessment phase
  • Design & Implementation phase
  • Operations & Maintenance phase
  • Limits of a conventional IT approach
  • The IEC 62443 security approach and standards
  • Risk analysis Risk Identification, Classification, and Assessment
  • CAL (cyber-security assurance levels)
  • Functional requirements of IEC 62443

Day Three: Addressing Security Risks: Process Control Security Counter-measures  

  • Antivirus, anti-spyware
  • Firewalls, traffic analyzers
  • Encryption, Virtual private networks (VPNs)
  • Passwords, Authentication systems
  • Access control, Intrusion detection/prevention
  • Network segmentation

Day Four: Application Diagnostics and Troubleshooting  

  • Interpreting device alarms and event logs
  • Early indicators
  • Network intrusion detection systems
  • Network management tools
  • Interpreting OS and application alarms and event logs
  • Application management and whitelisting tools
  • Antivirus and endpoint protection tools
  • Security incident and event monitoring (SIEM) tools

 Day Five: IACS Cyber-security Operating Procedures & Tools and Incident Response  

  • Developing and following an IACS management of change procedures
  • IACS configuration management tools
  • Developing and following an IACS patch & antivirus management and cyber-security audit procedures
  • Patch management tools
  • Antivirus and whitelisting tools
  • Auditing tools
  • Developing and following an IACS incident response plan
  • Incident investigation and system recovery

 

 

 

 

 

 

 

Certificate

  • On successful completion of this training course, a PetroKnowledge Certificate will be awarded to the delegates

Frequently Asked Questions

How can I register for a training course?

  • To register online through our website, please click “Enroll Now” on the course page, complete and submit the form. A confirmation e-mail and instructions will be sent to the participant’s e-mail.
  • You may also get in touch with our Registration Team on
    +971 56 222 7795 | +971 2 557 7389 or send an email to reg@petroknowledge.com

When and how do I arrange payments?

  • Payments can be made in USD or UAE local currency AED (Arab Emirates Dirhams) either by Bank Transfer or by Credit Card. Our Bank Account details will be provided on the invoice.
  • Course fees are payable upon booking unless a valid, authorized Purchase Order is provided and accepted.
  • Invoices will be sent via email/courier to the ID/name and address provided.
  • The course fee shall be settled prior to course start date. Corporate payments with existing payment policy shall be relayed to us in advance.

When should I expect to receive confirmation of registration?

Upon successful registration online, enrolment on the respective training course will be confirmed by Registration Team by e-mail along with the invoice and joining instruction.

Is there a discount for more than one registrant/course?

For corporate fees and group registration, please send your query to info@petroknowledge.com.

Download PDF

© 2022. Material published by PetroKnowledge shown here is copyrighted.

All rights reserved. Any unauthorized copying, distribution, use, dissemination, downloading, storing (in any medium), transmission, reproduction or reliance in whole or any part of this course outline is prohibited and will constitute an infringement of copyright.


Sending your message. Please wait...

Close

There was a problem sending your message. Please try again.

Please complete all the fields in the form before sending.