EnergySec offers a growing number of educational courses covering both NERC CIP and general security topics. Below are short abstracts of our courses and intended audiences. For full course information, please click on the course title.
EnergySec members receive a 30% discount off the list price of EnergySec courses.
The CIP Bootcamp is our flagship course, now with more than 1500 alumni.This course provides essential foundational knowledge of the NERC CIP ecosystem, as well as in-depth information on every CIP standard and requirement.This is the standard option for professionals seeking a full understanding of the NERC CIP standards. This includes all five days of the Bootcamp as outlined.
Audience: Industry professionals seeking a full knowledge of the NERC CIP standards and associated compliance oversight processes.The full 5-day Bootcamp qualifies for 40 CPE credits.
Day 1 of the Bootcamp provides foundational knowledge of the CIP standards and a deep dive into the Low Impact requirements.Topics include the history and legal basis of the standards, terminology, policy requirements, asset identification, and the four focus areas for the protection of low impact systems
Audience: Anyone with day to day responsibilities that include NERC CIP requirements.Vendors selling products or services to entities subject to the CIP standards.
In addition to the day 1 material discussed above, Days 2-3 present a deep dive into standards CIP-004 through CIP-014, covering every requirement in depth with discussions on compliance approaches,.
Audience: Anyone with day to day responsibilities that include NERC CIP requirements at the high or medium impact level.Vendors selling products or services to entities subject to the CIP standards.
Days 4-5 of the Bootcamp provide entity personnel with an understanding of compliance oversight practices employed by the ERO.This includes a detailed explanation of the audit process from preparation, to execution, to post-audit negotiations. Attendees will obtain an understanding of the NERC Rules of Procedures (RoP), Compliance Monitoring and Enforcement Program (CMEP), Inherent Risk Assessments (IRA), Internal Controls Evaluation (ICE), and the audit process as documented in the ERO Auditors Handbook. RSAW and evidence preparation and presentation will also be discussed.
Audience: Compliance, regulatory, legal, technical, and security staff that will participate in formal CIP audits, mock audits, or internal compliance reviews. Others desiring an understanding of oversight processes and methods to ensure compliance.
This educational event is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. For 2018, we are currently planning two events: Phoenix, AZ in April, and the Northeast U.S. is September. Dates and venues will be announced in late 2017.
Our Education Week events invite some of the brightest minds in utility security to teach a variety of technical topics relevant to our industry. Topics include Threat Hunting, Network Packet Analysis, Technical Security Assessments, security exercises, and more. We’ve also arrange for facility tours to provide a behind the scenes look at just what we are working to secure.
Education Weeks also include a variety of networking events designed to build relationships within industry and strengthen the community of cybersecurity professionals in our sector.
Attendees of this event will: