LOGIIC program set to upskill, train staff using ICS cybersecurity training courses from ISA

Following a study conducted in late 2019, the LOGIIC program has selected the International Society of Automation (ISA) cybersecurity training courses for its staff at oil and gas (O&G) organizations in remote locations throughout the world. The study sought to identify alternatives for industrial control systems (ICS) cybersecurity training and certificate programs, following which LOGIIC chose ISA to provide online ICS cybersecurity training courses as part of a pilot.

The LOGIIC (Linking the Oil and Gas Industry to Improve Cybersecurity) program surveyed the participants in the ICS cybersecurity training pilot to understand their experiences with the ISA courses and found that students had positive feedback, according to Brian Peterson, an information risk consultant who works for LOGIIC and other companies as a program and project manager. Participants also reported that the content was valuable, and the courses were easy to take and complete, he added. 

With this feedback and as part of a pilot, the LOGIIC program defined its business requirements for ICS cybersecurity training, including the desired training topics and ICS roles that needed to be trained. “We identified our training topics of interest as: ICS Configure Management, ICS Risk/Vulnerability Management, ICS, and separately Network Security and General ICS Knowledge,” Peterson wrote in a recent ISA blog post.

Students suggested improvements to specific elements of some courses, and ISA responded to the feedback. “For example, ISA developed a training manual and video to help students more easily participate in the Red Team/Blue Team game. The game allowed players to take actions based on what they learned in the training and each action was related to a specific ISA/IEC 62443 standard,” Peterson said.

O&G organizations have numerous staff, such as those on offshore rigs, who are in remote locations with limited infrastructure. The staff also have limited opportunities to attend traditional, in-person training due to the time and costs associated with traveling away from work, Peterson explained. Many of these remote locations are only accessible by helicopter or are significant distances away from major cities. 

On the other hand, staff have internet access that enables them to take online training. The LOGIIC program was seeking online training for ICS cybersecurity courses that allowed students to obtain certificates, according to Peterson. “Oil & Gas operations are demanding, which limits the amount of time that a student has each day to complete training. LOGIIC was seeking self-paced, modular training that could be taken by students in increments of one hour or less at a time,” he added.

To meet the training requirements, the LOGIIC program engaged eight ICS cybersecurity training providers to understand their alternatives for delivering virtual training, Peterson said. “Several companies were planning to provide training courses in an online format. ISA was the only company we met with who had training available in an online format,” he added. 

ISA had four ICS cybersecurity online courses available that addressed the topics and ICS roles that LOGIIC identified when it defined its requirements. These courses were designed to be taken in modules that were one hour or less, which met another one of the program’s requirements. “These courses were based on ISA/IEC 62443, which was very desirable for our members since these standards are widely used by many companies. ISA has a portal for managing student activities, including obtaining progress reports on course completion, which we found to be very useful,” Peterson added.

Peterson also revealed that due to the COVID-19 pandemic, the LOGIIC program experienced some delays before starting the ICS cybersecurity training pilot. “Once LOGIIC started the pilot, most participants were able to complete their ICS cybersecurity training within four months. The tools provided by ISA allowed us to easily manage student activities and create progress reports. During the LOGIIC training pilot, ISA included a Red Team/Blue Team interactive exercise/game to help solidify learning about ISA/IEC 62443,” he added.

Daniel Wallance, an associate partner at McKinsey & Company, told Industrial Cyber in September that given the already limited supply of cybersecurity talent, industrial organizations are looking towards recruiting and training OT experts in cybersecurity.

“Experts working at oil & gas, utility, manufacturing companies or at OEM OT providers have OT expertise but not necessarily OT cybersecurity expertise. Therefore, cybersecurity organizations train these resources in cybersecurity, thus creating new avenues of OT cybersecurity talent,” he said.

The ICS cybersecurity sector has traditionally faced a shortage of skilled workers and has struggled to close that gap. The U.S. Department of Homeland Security (DHS) has also turned its focus towards improving federal cybersecurity talent, working more aggressively to recruit, develop, and retain top cybersecurity professionals.

Siemens Energy, the SANS Institute (SANS), and a group of non-profit and academic organizations announced last month that they will work towards delivering industrial cybersecurity education to the next generation of cyber defenders. Prior to that, industrial cybersecurity vendor Dragos announced its Dragos Academy, a comprehensive educational and training program available to its customers and partners, while industrial cybersecurity company Applied Risk released in September its TactICS suite, which will provide ICS and OT professionals with higher cybersecurity awareness and skills for interacting with OT environments.

Last April, the LOGIIC program completed Project 12 testing for safety instrumentation and management assets. The project was carried out to review and study cybersecurity issues in ICS that impact safety and business performance related to the O&G sector.
