ICS Cybersecurity Training for Remote Staff
In late 2019, LOGIIC (Linking the Oil and Gas Industry to Improve Cybersecurity) conducted a study to identify alternatives for industrial control systems (ICS) cybersecurity training and certificate programs that could be delivered to staff in remote locations throughout the world. LOGIIC selected ISA to provide online ICS cybersecurity training courses as part of a pilot. We received very positive feedback about the ISA training course content and the portal used by the students.
This blog describes how LOGIIC selected ISA, the results of the LOGIIC training pilot with ISA, and some key findings from the pilot.
Defining the Training Requirements
LOGIIC defined our business requirements for ICS cybersecurity training, including the desired training topics and ICS roles that needed to be trained. We identified our training topics of interest as: ICS Configuration Management, ICS Risk/Vulnerability Management, ICS, and separately Network Security and General ICS Knowledge.
Oil & Gas companies have numerous staff who are in remote locations with limited infrastructure, like staff on offshore rigs. The staff have limited opportunities to attend traditional, in-person training due to the time and costs associated with traveling away from work. Many of these remote locations are only accessible by helicopter or are significant distances away from major cities.
On the other hand, staff have internet access that enables them to take online training. LOGIIC was seeking to find online training for ICS cybersecurity courses that allowed students to obtain certificates. Oil & Gas operations are demanding, which limits the amount of time that a student has each day to complete training. LOGIIC was seeking self-paced, modular training that could be taken by students in increments of one hour or less at a time.
Selecting a Training Provider
LOGIIC engaged eight ICS cybersecurity training providers to understand their alternatives for delivering virtual training. Several companies were planning to provide training courses in an online format. ISA was the only company we met with that had training available in an online format.
ISA had four ICS cybersecurity online courses available that addressed the topics and ICS roles that LOGIIC identified when we defined requirements. These courses were designed to be taken in modules that were one hour or less, which met another one of our requirements. These courses were based on ISA/IEC 62443, which was very desirable for our members since these standards are widely used by many companies. ISA has a portal for managing student activities, including obtaining progress reports on course completion, which we found to be very useful.
LOGIIC ICS Cybersecurity Training Pilot with ISA
Due to the pandemic, LOGIIC experienced some delays before starting the ICS cybersecurity training pilot. Once LOGIIC started the pilot, most participants were able to complete their ICS cybersecurity training within four months. The tools provided by ISA allowed us to easily manage student activities and create progress reports. During the LOGIIC training pilot, ISA included a Red Team/Blue Team interactive exercise/game to help solidify learning about ISA/IEC 62443.
LOGIIC Conclusions from the Training Pilot
LOGIIC surveyed the participants in the ICS cybersecurity training pilot to understand their experiences with the ISA courses. Student feedback was very positive. Participants reported that the content was valuable, and the courses were easy to take and complete.
Students suggested improvements to specific elements of some courses, and ISA responded quickly to address our feedback. For example, ISA developed a training manual and video to help students more easily participate in the Red Team/Blue Team game. The game allowed players to take actions based on what they learned in the training, and each action was related to a specific ISA/IEC 62443 standard.
The Linking the Oil and Gas (O&G) Industry to Improve Cybersecurity (LOGIIC) consortium was established in partnership with the U.S. Department of Homeland Security (DHS) Science and Technology (S&T) Directorate to review and study cybersecurity issues in industrial control systems (ICS) that impact safety and business performance as they pertain to the O&G sector.