COM 203: SEL Cybersecurity Best Practices for Critical Infrastructure
*Course Base Fees:
*Plus applicable sales tax.
Modern power systems are engineering marvels, providing power to sources just in time. Today the engineering that goes into power systems must ensure the system is both safe from cyber attack and compliant with NERC CIP regulations. Cybersecurity isn’t something that can be achieved by one person, product, or technology. Real system-wide protection starts with the understanding that it takes teamwork and common goals to achieve success. Cybersecurity is a key component of enhanced power system reliability and operation.
In this cybersecurity fundamentals course, you will learn these key goals and components for successful teamwork, including policies, regulations, access controls, and procedures designed to secure critical cyber assets. During this one-day course, you will design and evaluate a realistic security protection scheme to secure critical cyber assets, using the defense-in-depth cybersecurity philosophy. This course also provides a concise introduction to the concepts that will be applied in APP 3620: Sensible Cybersecurity Using the Ethernet Security Gateway.
- Day 1
- Introduction to Cybersecurity
- Cybersecurity Basics and Fundamental Goals
- NERC CIP Regulation Requirements
- Cyber Attack Types
- Defense in Depth
- Trust Management
- Access Controls
- Negative Testing
Students should have a working knowledge of:
- Power system protection theory and application
- Ethernet and SCADA communications methods
This course would be of value to any employee at a utility, but specifically, the following personnel would benefit: utility IT personnel, regulatory agency personnel, and communications and automation engineers.
Students should bring a laptop computer with a working CD-ROM drive.
Upon completion of this course, students can:
- Identify modern cybersecurity architectures and strategies
- Identify firewall principles and best practices
- Identify methods to secure Ethernet communications protocols
- Identify network and enterprise authentication methods
- Define regulatory and operational controls needed for secure operation
- Identify the goals of cryptography
- Differentiate between symmetrical and asymmetrical algorithms
- Define the components required for central authentication
Classes are conducted from 8 a.m. to 5 p.m. each day. Complimentary lunch and breaks are provided. This one-day course includes a course notebook, reference materials, and a certificate of completion.