Global Industrial Cyber Security Professional Certification (GICSP)

The Global Industrial Cyber Security Professional (GICSP) certification is designed for professionals involved in industrial control systems (ICS) security, providing a vendor-neutral, practitioner-focused approach. The certification covers a range of topics throughout the industrial control systems lifecycle.

Key Information:

• Overview: GICSP is a vendor-neutral certification focused on bridging IT, engineering, and cybersecurity for industrial control systems.
• Exam Format: One proctored exam with 82-115 questions, lasting 3 hours. The minimum passing score is 71%.
• Areas Covered:
  1. Industrial control system components, purposes, deployments, significant drivers, and constraints.
  2. Control system attack surfaces, methods, and tools.
  3. Control system approaches to system and network defense architectures and techniques.
  4. Incident-response skills in a control system environment.
  5. Governance models and resources for industrial cybersecurity professionals.
• Who is GICSP for?
  • ICS IT practitioners (including operational technology support)
  • ICS Security analysts (including operational technology security)
  • Security engineers
  • Industry managers and professionals
  • Vendors
• Exam Delivery:
  • The exam is web-based and requires proctoring.
  • Proctoring options include remote proctoring through ProctorU and onsite proctoring through PearsonVUE.
• GICSP with CyberLive:
  • CyberLive is a hands-on, real-world practical testing environment developed by GIAC to validate the knowledge and skills of cybersecurity professionals.
  • It involves using actual programs, code, and virtual machines for practical testing.
• Passing Score: The passing point for the GICSP exam is 71%.
• Certification Attempts: GIAC certification attempts will be activated in your account after approval, and you have 120 days from activation to complete the certification attempt.
• Note: Specifications for certifications are subject to change, and candidates are encouraged to verify details for their specific certification attempt in their account.

The GICSP certification is tailored to professionals working with industrial control systems, emphasizing practical skills and knowledge in cybersecurity for these critical environments.

The certification objectives and outcome statements for the Global Industrial Cyber Security Professional (GICSP) cover the following key areas:

1. Hardening & Protecting Endpoints:
   • Implementing endpoint security software and hardening/patching for Windows and Unix-style operating systems in an ICS environment.
2. ICS Components & Architecture:
   • Categorizing assets in Purdue Reference Architecture levels 0-3 for a securable architecture.
   • Summarizing the use of levels and zones in defining a secure ICS architecture, including devices at each level and zone.
3. ICS Overview & Concepts:
   • Summarizing high-level ICS processes, roles, and responsibilities.
   • Contrasting high-level differences between ICS and IT, including physical security considerations.
4. ICS Program & Policy Development:
   • Summarizing steps and best practices for building a security program and creating enforceable security policies for an ICS.
5. Intelligence Gathering & Threat Modeling:
   • Determining the threat landscape of an ICS and understanding high-level concepts of threat modeling.
6. PERA Level 0 & 1 Technology Overview and Compromise:
   • Describing level 0 and level 1 devices and technologies and summarizing how they are targeted and attacked.
7. PERA Level 2 & 3 Technology Overview and Compromise:
   • Describing level 2 and level 3 devices and technologies and summarizing how they are targeted and attacked.
8. Protocols, Communications, & Compromises:
   • Describing basic structures, protocols, and defense of communications within an ICS.
   • Summarizing compromises in TCP/IP and ICS-specific protocols, including basic descriptions of cryptography used for communication protection.
9. Risk-Based Disaster Recovery & Incident Response:
   • Describing how risk is measured and how it informs disaster recovery and incident response.
10. Wireless Technologies & Compromises:
    • Summarizing different wireless communication technologies in an ICS.
    • Understanding how these technologies are targeted and defended against.

These objectives collectively cover a wide range of knowledge and skills needed for professionals involved in industrial control systems, emphasizing security considerations and practical implementation techniques.