IC37 IACS Cybersecurity Operations & Maintenance

Through an agreement with the International Society of Automation (ISA), aeSolutions is proud to offer a variety of Industrial Cybersecurity courses.


The third phase in the IACS Cybersecurity Lifecycle (defined in ISA 62443-1-1) focuses on the activities associated with the ongoing operations and maintenance of IACS cybersecurity. This involves network diagnostics and troubleshooting, security monitoring and incident response, and maintenance of cybersecurity countermeasures implemented in the Design & Implementation phase. This phase also includes security management of change, backup and recovery procedures and periodic cybersecurity audits.

This course will provide students with the information and skills to detect and troubleshoot potential cybersecurity events as well as the skills to maintain the security level of an operating system throughout its lifecycle despite the challenges of an every changing threat environment.

You will be able to:

Perform basic network diagnostics and troubleshooting
Interpret the results of IACS device diagnostic alarms and event logs
Implement IACS backup and restoration procedures
Describe the IACS patch management life cycle and procedure
Apply an antivirus management procedure
Define the basics of application control and white listing tools
Define the basics of network and host intrusion detection
Define the basics of security incident and event monitoring tools
Implement an incident response plan
Implement an IACS management of change procedure
Conduct a basic IACS cyber security audit

You will cover:

Introduction to the ICS Cybersecurity Lifecycle
Identification & Assessment phase
Design & Implementation phase
Operations & Maintenance phase
Network Diagnostics and Troubleshooting
Interpreting device alarms and event logs
Early indicators
Network intrusion detection systems
Network management tools
Application Diagnostics and Troubleshooting
Interpreting OS and application alarms and event logs
Early indicators
Application management and whitelisting tools
Antivirus and endpoint protection tools
Security incident and event monitoring (SIEM) tools
IACS Cybersecurity Operating Procedures & Tools
Developing and following an IACS management of change procedure
Developing and following an IACS backup procedure
IACS configuration management tools
Developing and following an IACS patch management procedure
Patch management tools
Developing and following an IACS antivirus management procedure
Antivirus and whitelisting tools
Developing and following an IACS cybersecurity audit procedure
Auditing tools
IACS incident response
Developing and following an IACS incident response plan
Incident investigation
System recovery

Classroom/Laboratory Exercises:

Asset Inventory
ICS Device Hardening
Disabling USB Storage Devices
Restrict access to USB drives
Application Control / Whitelisting
Microsoft Windows Software Update Services (WSUS)
PLC backup and configuration management
Change Management (MOC form)
Event Detection Tracking and Log Monitoring
Vulnerability Scanning
Network Packet Capture Analysis
Troubleshooting and Forensics

Who Should Attend?

Operations and maintenance personnel
Control systems engineers and managers
System Integrators
IT engineers and managers industrial facilities
Plant Safety and Risk Management

Recommended Pre-Requisites:

ISA Courses TS06, TS12, TS20, IC32, IC33 and IC34 or equivalent knowledge/experience.


🏢 Onsite, Instructor-Led


🏢 Houston - 5/18/21 - 5/20/21


No dates scheduled?

Can't make dates shown?

Let us know and we will keep you updated as more courses are scheduled. 


United States


Greenville, South Carolina
Corporate Headquarters

  • LinkedIn
  • Twitter
  • YouTube
  • Facebook

Contact Us