Self study for SANS - GIAC Global Industrial Cyber Security Professional Certification (GICSP)

There has been considerable interest in learning and upskilling all things ICS/OT Cybersecurity. One of the major reason is the phenomenal demand for skilled professionals with hands-on experience in ICS/OT systems including knowledge of Cybersecurity products/solutions catering to ICS/OT systems.

And irrespective of whether one is starting afresh or is experienced in IT security or ICS/OT Systems, some form of credentials on one's proficiency is always needed. This could comprise of a portfolio of trainings completed, books read, hands-on expertise, certifications held, any git repositories managed or contributions done, online labs like try hack me, capture the flag and others which provide virtual badges for completing the lab exercises and so on.

So certifications like GICSP, ISA/IEC 62443 Certification from ISA, Exida CACE and TUV CySec are very popular in the realm of OT Cybersecurity. If you want to know more about the certification scenario, please find the document and YouTube video below that gives a good explainer and helps you to jumpstart what is most suitable for you.

One can take SANS ICS 410 training to prepare for GICSP, but it costs upwards of $8000 which includes training cost, certification cost including two set of practice tests for GIAC Global Industrial Cyber Security Professional Certification (GICSP). Only SANS is the authorized training provider and affiliate of GIAC.

But you want to do the certification but cannot afford the training and/or your organization is unable to bear the cost fully or partially. So how do you go about this situation. Fortunately there is some help.

First one has to understand the syllabus and topics covered in the exam in detail at GIAC GICSP website. And do take a look at SANS course syllabus. Also do note GICSP is now part of Cyber Live program, wherein you also have to solve practical labs and not just multiple choice questions. Knowing what you are getting is the most important.

The important catch here is, this is an entry level introductory training and certification. So those from ICS/OT background with enough experience may find it comparatively easier than others. This course was primarily designed for IT security folks getting into OT Cybersecurity. Nevertheless it is beneficial to anyone interested as it covers a wide array of topics as we can see and also covers some hands on sessions using hardware. And considering it is widely recognized everywhere since SANS/GIAC have been there for more than two decades in the training and certification arena.

As you can see there are some good resources at hand. But there is no guarantee that all the topics will be covered 100% in below resources. So do your due diligence, prepare well, revise sufficiently, take practice exam at least once to know where you stand and revise again and take another to fee more confident. The exam is an open book exam, so you can take the books and printed materials inside. So indexing all your key learnings and topics will definitely help.

Book Resources to self-study for GIAC GICSP

1. Practical Industrial Cybersecurity: ICS, Industry 4.0, and IIoT by Charles J. Brooks (Author), Philip A. Craig (Author) published by Wiley in 2022 (brief writeup below)
2. Industrial Automation and Control System Security Principles Protecting the Critical Infrastructure, Second Edition by Ronald L. Krutz, PhD, PE published by International Society of Automation (Chapter 3 preview available) Second Edition in 2017
3. Industrial Network Security Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems Second Edition by Eric D. Knapp (Author), Joel Thomas Langill (Author) published in 2014

Training Resources to prepare for GIAC GICSP

1. ICS/OT Cybersecurity Masterclass Day 1 (Free)
2. ICS/OT Cybersecurity Masterclass Day 2 (Free)
3. Master ICS/OT Cybersecurity: Fundamental to Advanced-Part 1 Course on Udemy by Sourabh Suman (paid, Coupon code available)
4. Master ICS/OT Cybersecurity: Fundamental to Advanced-Part 2 Course on Udemy by Sourabh Suman (paid, Coupon code available)
5. PLC trainings on Udemy or directly in their websites from PLC Dojo, Solis PLC, Code and Compile (There may be others too, anything works)

Study and Exam preparation

1. How I Passed My GICSP Exam
2. Better GIAC Testing with Pancakes
3. There are multitude of resources, feedback on reditt and other forums

Book Resources to know more about ICS/OT systems

Sharing below from what I have found informative and helpful, if you are from a non-OT background, then these are definitely a must read

1. A Guide to the Automation Body of Knowledge, Third Edition (Editors are Nicolas Sands and Ian Verhappen, each chapters are contributed by authors who are specialized in their respective areas) ; As the name implies, this book captures A to Z about Automation, though it may not be as comprehensive for each topic, but it is more easy to consume, understand key topics and concept behind them by specialists in their field.
2. Overview of Industrial Process Automation, Second Edition by K.L.S. Sharma ; A more comprehensive view on all things related to Industrial Process Automation (Must Read, my personal recommendation)
3. Industrial Process Automation Systems Design and Implementation by B. R. Mehta and Y. J. Reddy ; Focusses more on the Design and Implementation of ICS/OT systems
4. Industrial Automation Hands On by Frank Lamb ; A more shorter overview of key concepts, components and hardware, different machine systems, process systems and automated machinery, software, Occupation and Trade, Industrial and Factory Business Systems, Machine and System Design, and Industry Applications.

So now you know what are the materials that are needed for yourself to self-study and prepare for the exam certification.

Also during your preparation, ask those who have cleared the exam, best way to do that would be to join OT Security Professionals Group.

There is a Caveat here >> Please note, as mentioned earlier, this is not a sure shot guarantee for 100% learning material reference. GIAC keeps changing the syllabus in some ways each year and its known exactly what is changed, and there is a high possibility of Question pattern or how questions are asked changing too. This has been observed based on the SANS training that is conducted regularly, they keep updating their course material frequently. So the best bet here is investing on at least one or two practice tests

Brief details about the book, "Practical Industrial Cybersecurity: ICS, Industry 4.0, and IIoT".

A practical roadmap to protecting against cyberattacks in industrial environments

In Practical Industrial Cybersecurity: ICS, Industry 4.0, and IIoT, veteran electronics and computer security author Charles J. Brooks and electrical grid cybersecurity expert Philip Craig deliver an authoritative and robust discussion of how to meet modern industrial cybersecurity challenges. The book outlines the tools and techniques used by practitioners in the industry today, as well as the foundations of the professional cybersecurity skillset required to succeed on the SANS Global Industrial Cyber Security Professional (GICSP) exam.

Full of hands-on explanations and practical guidance, this book also includes:

• Comprehensive coverage consistent with the National Institute of Standards and Technology guidelines for establishing secure industrial control systems (ICS)
• Rigorous explorations of ICS architecture, module and element hardening, security assessment, security governance, risk management, and more

Practical Industrial Cybersecurity is an indispensable read for anyone preparing for the Global Industrial Cyber Security Professional (GICSP) exam offered by the Global Information Assurance Certification (GIAC). It also belongs on the bookshelves of cybersecurity personnel at industrial process control and utility companies

--xx-

If you want to figure out the available trainings and certifications for OT/ICS, check below

OT-ICS/SCADA Security Professionals Tech-Talk#3 - Discover the Path to OT Security by John Kingsley (YouTube)

Topics Covered

Learn how to achieve this without spending a fortune!

✳ What is the difference between training, certificate and certification

✳ What are the accredited trainings available for IEC 62443

✳ What are the accredited trainings available for OT/ICS cyber security

✳ What are the trainings available for OT/ICS cyber security

✳ Trainings you never knew existed 😮 😱

✳ Maximum value for your money 💲 💰

✳ Shortlisted based on value, cost, coverage, concepts 🎯

✳ Affordable trainings available for OT/ICS cyber security 🛠 🏭

✳ OT trainings PLC, SCADA, Industrial communication protocols 📡

✳ Further Reading on OT/ICS cyber security 📖 📚

All the presentation material for above session are available in below links!!

Affordable OT ICS Cybersecurity and other OT Trainings (Document)

Get yourself trained or Certified for IEC 62443 (Document)

--xx-

#cybersecurity #Communications #cyberattacks #ISA ISA Bangalore  ISA SAFETY AND SECURITY DIVISION OT SECURITY PROFESSIONALS  #otcybersecurity  #securityprofessionals  #IEC62443