On the website of the Repository of Industrical Security Incidents for industrial control systems (ICS), the headlines for the latest incidents scroll by. “Steel plant infected with Conficker.” “Computer glitch causes shutdown of airport.” “Car manufacturer infected with computer virus.” And the list goes on.
The very fact that such a database exists is indication of the need for improved cyber security for critical infrastructure and industrial systems. At the end of November, the Global Information Assurance Certification organization (GIAC) is launching a certification to fill this very need. It is the Global Industrial Cyber Security Professional Certification, or GICSPC, and it focuses on the foundational knowledge that professionals responsible for securing critical infrastructure assets should have.
The GICSP is being developed and guided by a steering committee of leaders from major industrial companies, advisors and suppliers of industrial controls. The committee includes members from companies such as Honeywell, Pacific Gas & Electric, BP, KPMG, Emerson and others. GIAC is creating the vendor-neutral, protocol-agnostic certification, and SANS Institute has developed a corresponding training course.
The target audience for this certification includes not only cybersecurity professionals but also industrial and process control engineers and SCADA operators. One of the key objectives of this certification is to provide a strong foundation and bridge so that engineers and cyber security professionals can actually work together, blending their competencies to be able to secure a control system.
The optional five-day training course from SANS, ICS410 ICS/SCADA Security Essentials, has been designed to get the engineers and the cybersecurity people to learn about each other’s discipline so they are better prepared to work together in a real world environment. This is part of the breakthrough function of the GICSP certification — that team members learn how to interface with each other and understand what each party brings to the table to secure these systems.
The GICSP certification objectives include:
- Incident Management
- Information, Security and Risk Management
- Access Management
- Physical Security
- Log Collection and Management
- Industrial Control Systems
- Configuration and Change Management
- System hardening
- Business Continuity
- Cybersecurity Essentials
Candidates are required to pass one exam to earn the credential. The exam consists of 115 questions with a time limit of three hours. The certification is valid for four years; continuing professional education requirements are consistent with GIAC standards.
The GICSP is a global certification built to ANSI standards. In time, GIAC intends to submit the certification to ANSI and get it approved under the ANSI ISO/IEC 17024 standard. More information about the GICSP is available from GIAC.