Industrial Control System
Cyber Security Institute

ICS Cyber Security Training Curriculum

ICSCSI believes that teaching industrial security cannot be a “one size fits all” approach - the most common negative aspect with existing, large-scale industrial security training programs. This is the reason training needs to be offered to align with a client’s training objectives and required skills. This is best accomplished with a curriculum that includes courses that vary in length and content while aligning with the trainees' individual job skill requirements. The summaries below cover a range of courses mapped to student occupational roles and the expected outcome of each session. ICSCSI understands the importance of aligning training with workforce short- and long-term skills development. Therefore, ICSCSI has structured their curriculum into three different training goals with a target estimate of the total workforce to complete the training within a target horizon. The table below illustrates this approach and can be used with the figure below to align recommended training by workforce function.

All attendees will receive a certificate of completion for continuing education units (CEU) that can be applied to other certification requirements.

Training Horizon Workforce Training Target Recommended Training Course(s) Course Duration
1 year 100 % Introduction to Industrial Control System Cyber Security <1 day
  75 % Fundamentals of Information Technology and Operational Technology Systems 3 days
1-2 years 50 % Conducting Asset Inventories for DoD Facility-Related Control Systems using the Army Methodology 3 days
1-3 years 25% Fundamentals of Industrial and Facility-Related Control System Cyber Security 5 days
1-5 years 5% NEW!!! Ethical Hacking for Industrial Control Systems 5 days

Training Curriculum Road Map

The training objectives for each have been aligned with the Army Universal Task List and the Universal Naval Task List as an effort to map knowledge with operational objectives. Though these lists are aligned with the United States Dept. of Defense, they are also applicable to individuals and commercial organizations that provide or support critical infrastructure and key resources.

Additional information on each of the courses can be viewed by selecting from the following list or the Quick Links located in the top righthand section of this page: