• Classroom

The five-day ICS456: Essentials for NERC Critical Infrastructure Protection empowers students with knowledge of the what and the how of the version 5/6/7 standards. The course addresses the role of the Federal Energy Regulatory Commission (FERC), North American Electric Reliability Corporation (NERC), and Regional Entities, provides multiple approaches for identifying and categorizing BES Cyber Systems, and helps asset owners determine the requirements applicable to specific implementations. Additionally, the course covers implementation strategies for the version 5/6/7 requirements with a balanced practitioner approach to both cybersecurity benefits, as well as regulatory compliance.

This course goes far beyond other NERC Critical Infrastructure Protection (CIP) courses that only teach what the standards are by providing information that will help you develop and maintain a defensible compliance program and achieve a better understanding of the technical aspects of the standards. Our 25 hands-on labs utilize three provided virtual machines that enable students to learn skills ranging from securing workstations to performing digital forensics and lock picking. Our students consistently tell us that these labs reinforce the learning and prepare them to do their jobs better.

You Will Learn:

  • BES Cyber System identification and strategies for lowering their impact rating
  • Nuances of NERC defined terms and CIP standards applicability and how subtle changes in definitions can have a big impact on your program
  • The significance of properly determining Cyber System impact ratings and strategies for minimizing compliance exposure
  • Strategic implementation approaches for supporting technologies
  • How to manage recurring tasks and strategies for CIP program maintenance
  • Effective implementations for cyber and physical access controls
  • How to breakdown the complexity of NERC CIP in order to communicate with your leadership
  • What to expect in your next CIP audit, how to prepare supporting evidence, and how to avoid common pitfalls
  • How to understand the most recent Standards Development Team's (SDT) efforts and how that may impact your current CIP program

Learning Objectives

  • Understand the cybersecurity objectives of the NERC CIP standards
  • Understand the NERC regulatory framework, its source of authority, and the process for developing CIP standards, as well as their relationship to the other BES reliability standards
  • Speak fluent NERC CIP and understand how seemingly similar terms can have significantly different meanings and impacts on your compliance program
  • Break down the complexity to more easily identify and categorize BES Cyber Assets and Systems
  • Develop better security management controls by understanding what makes for effective cybersecurity policies and procedures
  • Understand physical and logical controls and monitoring requirements
  • Make sense of the CIP-007 system management requirements and their relationship to CIP-010 configuration management requirements, and understand the multiple timelines for assessment and remediation of vulnerabilities
  • Determine what makes for a sustainable personnel training and risk assessment program
  • Develop strategies to protect and recover BES Cyber System information
  • Know the keys to developing and maintaining evidence that demonstrates compliance and be prepared to be an active member of the audit support team.
  • Sharpen your CIP Ninja!

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.