• Sign In
  • Create an Account
Toggle Nav
IFPT Account IFPT Account 
Language
EN
  • FR
Contact us
Virtual Classroom

Data Protection & Cybersecurity - Remote training

DMCYBR-EN-D
Download PDF
Send an email Share the training

Who should attend?

  • This course provides:
  • an introduction into cyber security within the Oil & Gas sector,
  • a comprehensive coverage of establishing and further maturing a cyber-security framework,
  • overview of the specifics of securing industrial systems (SCADA, DCS, etc.),
  • workshops and break-out sessions to apply the theory in case studies.
Public :
  • IT staff and technical teams interested in cybersecurity.
  • Engineers and technicians involved in data management and E&P data processing (G&G, national data base/reservoir engineering/production and field development).
  • Data governance.
  • Legal affairs.
  • Human resources.
  • Corporate risk management teams.

Level :Awareness

Prerequisite :
  • No pre-requisistes are necessary to follow this course.

Course Content

  • INTRODUCTION TO CYBER SECURITY

      • Importance of cybersecurity, cyber-attacks and lessons learned, cyber warfare, what are we trying to protect, are we successful?

  • SETTING UP AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS)

      • Starting with ISMS: overview of key concepts based on ISO 27001, key artifacts.
      • Introduction to risk management: purpose and specifics of risk management in an IT setting, qualitative vs. quantitative risk management.
      • Principles of information security policies and procedures: different kinds of documents: policies, procedures, guidelines and standards, roles and objectives of policies & procedures, typical content and format.
      • Workshop writing information security policies and procedures part I: group-based exercise in writing a brand-new information security policy on a chosen topic.

  • SECURING INDUSTRIAL SYSTEMS

      • Introduction into securing industrial systems:
      • Overview of industrial systems such as SCADA and DCS and the impact on the ISMS.
      • Practical concerns and considerations around industrial systems.
      • Overview of the IEC 62443 standard: overview of the IEC 62443 standard which applies specifically for securing industrial systems.

  • SPECIAL TOPICS INFORMATION SECURITY

      • Cloud computing:
      • Developments in cloud computing, applicability within industrial systems.
      • IaaS, PaaS, SaaS.
      • Setting up a Cyber Security Operations Center (SOC): benefits and challenges of a SOC, building and operating an industrial SOC.
      • Summary and the way forward:
      • Recap of the course.
      • Keeping the momentum going, suggested practical next steps.

  • SETTING UP DATA SECURITY

      • Data security: best practices of securing the organization’s data, data breaches and their impact.
      • Hands-on exercises based on real cases: Data breach incident management/data handling ethics.

Learning Objectives

  • Attendees will be able to implement the following skills:
  • Define the elements of an Information Security Management System (ISMS),
  • Describe network security fundamentals and evaluate the security configuration of networks,
  • Identify the steps of establishing a Security Operations Center (SOC);,
  • Describe the most common security attacks and their countermeasures,
  • Understand the security consequences of Cloud computing and define mitigating measures.

Ways & Means

  • Daily lecture, exercises, and case studies.

More

Coordinator :IFP Training instructors, with expertise in the field and trained in modern teaching methods adapted to the specific needs of learners from the professional world.

To French entities : IFP Training is referenced to DataDock ; you may contact your OPCO about potential funding. Please contact our disabled persons referent to check the accessibility of this training program : referent.handicap@ifptraining.com