EN60: Cyber Risk Assessment in New and Existing Industrial Systems in Energy, Oil & Gas.

Industrial Cybersecurity Training Program

ORGANIZED BY
Arpel WisePlant

Introduction

Develop the Industrial Cyber Risk Assessment complying with all the requirements of the ISA/IEC-62443 series of standards with ease, speed and ensuring compliance.

The right methodology is critical to making the right decisions and creating industrial infrastructures that are resilient to all types of threats. Avoid delays and typical errors due to lack of management, knowledge or experience.

Course Outline

At the end of the EN60 course you will be in a position to:

• Properly interpret the requirements of the ISA/IEC-62443 series of standards for the Cyber Risk Assessment (ASSESSMENT) phase.

• Carry out all these risk assessment activities successfully using a minimum amount of time, dedicating most of it to the activities of value.

• Correctly identify the system under consideration, whether these are existing or future systems, starting in engineering stages.

• Collaborate, participate in, and/or lead a detailed cyber risk assessment based on the assessment of realistic scenarios and consequences.

• Make good decisions consistently with other industrial risk disciplines.

• Assist or develop an effective, efficient, and sufficient plan of action to mitigate all risks in accordance with the risk tolerable by the organization.

 

You will cover the following topics in the course:

  1. Interpret the requirements of the WBS methodology to meet the requirements of the standards and make good decisions.
  2. Understand the necessary activities to be carried out during the Cyber Risk Assessment (ASSESSMENT) phase.
  3. Understand the inputs needed before starting each activity.
  4. Understand the outputs to be produced because of each activity.
  5. Establish and know the expectations, roles and responsibilities of each participant.
  6. Estimate the time, duration, and resources required to complete the risk assessment.
  7. Analyze, understand, and model zones and conduits.
  8. Accurately identify the complete list of cyber-assets that make up the system under consideration, including Hardware, Virtual Machines and Software.
  9. Employ passive, non-intrusive methods and techniques to identify cyber-assets and develop vulnerability studies in existing 7x24 or future systems.
  10. Identify public vulnerabilities (existing in global databases), private vulnerabilities (specific to the particular installation of the SuC), and zero-day vulnerabilities.
  11. Classify vulnerabilities such as administrative, cyber, and physical.
  12. Model the Industrial Cybersecurity risk matrix to be used to calculate Industrial Cyber Risk in a repeatable and auditable way.
  13. Develop an organizational maturity assessment against global best practices, including ISA/IEC-62443 and regulations for energy, oil, and gas.
  14. Develop security breach assessments against global best practices, including ISA/IEC-62443 and others.
  15. Model the company's physical assets and identify all potential consequences through hazard identification and criticality analysis.
  16. Participate in and/or conduct a detailed cyber risk assessment according to the ISA/IEC-62443-3-2 risk assessment methodology.
  17. Produce the necessary recommendations to reach the tolerable risk for the organization.
  18. Produce the necessary reports with the necessary and sufficient recommendations at the level of processes, technology, systems, policies, procedures, and best practices.

 

Recognitions

All participants who meet the course requirements and who successfully pass the final exam with a good grade will be awarded a Digital Badge. The Digital Badge certifies that the participant has attended the 2160 training course and has taken the final assessment test with a good grade, verifying that the participant has assimilated the new knowledge in a reasonable way.

 

Requirements

It has no specific requirements. It is recommended that the professional has knowledge of some of the following: Project Management according to PI/PMBOK methodology, International Cybersecurity Standards by industry consensus ISA/IEC-62443, Corporate Cybersecurity or Information Security Standards ISO-27000, Industrial risk management standards such as ISA/IEC-61511, functional safety, Regulations and/or national standards such as NIST, NERC, and others; Experience in corporate project management and cultural change management, Other industrial risk management standards (worker safety, environmental safety, etc.).

 

MORE INFO

Instructor

  • Maximillian Kon
    Maximillian Kon General Director, WisePlant
    Maximillian Kon

    Maximillian Kon

    General Director, WisePlant


    Maximillian is the CEO, General Director, and Founder of WisePlant. He is an electronic engineer specializing in industrial automation, an active member of the ISA99 Committee - Working Group 8, an active member of the ISA Secure Committee, director of the WiseSecurity consulting services division, and an official ISA RTP Training instructor for Industrial Cybersecurity.

    He has developed his professional career in South America, accumulating over 20 years of experience in industrial systems and critical systems across various industries including oil, gas, energy, food, pharmaceuticals, chemicals, petrochemicals, water, paper, metallurgy, mining, smart buildings, and others.

Registrations

COURSE EN60

Arpel Members: 650 USD

Others: 850 USD

 

CYBERSECURITY TRAINING PROGRAM


COURSES: EN50 - EN60 - EN61 - EN62 - EN99

Arpel Members: 2.450 USD

Others: 3.200 USD

Thu 07 Mar
Webinar

Improving Process Safety Performance

More info
Mon 08 Apr
Conference

Arpel-Naturgas Week 2024

More info
Tue 23 Apr
Workshop

Just Energy Transitions in Latin America and the Caribbean

More info
Thu 25 Apr
Webinar

Status of Net Zero Reporting in the Latin American Oil and Gas sector

More info
Tue 04 Jun
Conference

4th. Suriname Energy, Oil & Gas Summit & Exhibition

More info
Tue 11 Jun
Workshop

Workshop of the Arpel Sustainability Commitee 2024

More info
Thu 13 Jun
Webinar

The Road Ahead: Upstream Strategies in the Energy Transition

More info
Tue 25 Jun
Conference

Latin America Climate Summit

More info
Thu 27 Jun
Workshop

Reducing of methane and CO2 emissions in upstream operations

More info
Mon 08 Jul
Webinar

Global launch of RETOS™

More info
Tue 23 Jul
Webinar

Fair Market Valuation in Upstream Oil & Gas

More info
Mon 19 Aug
Webinar

Powering an increasingly decarbonized world

More info
Thu 29 Aug
Webinar

Designing a matrix of roles and responsibilities in industrial cybersecurity

More info
Tue 03 Sep
Webinar

The meaning of just energy transitions for our region

More info
Thu 12 Sep
Workshop

Workshops on Carbon Markets

More info
Thu 19 Sep
Webinar

Reducing Failures and Energy Consumption in Ecopetrol's Artificial Lifting Systems

More info
Tue 24 Sep
Others

Becht HF Alkylation Summit

More info
Tue 24 Sep
Webinar

Introduction to the Escazú Agreement

More info
Thu 03 Oct
Others

Third EAGE Workshop on EOR

More info
Thu 10 Oct
Webinar

Data Management in Exploration: Security, Knowledge, and Resources

More info
Thu 17 Oct
Webinar

Sustainability reporting 101: introduction and essential steps in producing your sustainability report

More info
Tue 29 Oct
Webinar

Materiality assessments for sustainability reports

More info
Wed 06 Nov
Webinar

Process Safety Implementation for an Early Production Facility (EPF) – Upstream

More info
Tue 12 Nov
Webinar

Prevention of Major Emergencies in the Exploitation of Unconventional Fields

More info
Tue 19 Nov
Others

Energy Summit 2024

More info
Tue 26 Nov
Workshop

Workshops on Carbon Markets

More info
Wed 02 Apr
Others

Cuba Energy Summit

More info
Tue 24 Jun
Conference

Innovarpel 2025

More info
Tue 01 Oct
PROGRAM

Arpel Leadership Program - 3rd edition

More info
Tue 07 May
COURSE

EN50: Industrial Cybersecurity Management for projects in the Energy, Oil & Gas sector

More info
Mon 27 May
COURSE

EN60: Cyber Risk Assessment in New and Existing Industrial Systems in Energy, Oil & Gas.

More info
Tue 25 Jun
COURSE

EN61: Design and Implementation of Cybersecurity Recommendations in Zones and Conduits

More info
Tue 16 Jul
COURSE

EN62: Monitoring and Maintenance of Industrial Cybersecurity in Zones and Conduits

More info
Thu 22 Aug
COURSE

EN99: Handling and Management of Industrial Cybersecurity Alerts Applying the ISA/IEC-62443 Standard

More info
Tue 27 Aug
COURSE

EN50: Industrial Cybersecurity Management for projects in the Energy, Oil & Gas sector

More info
Tue 17 Sep
COURSE

EN60: Cyber Risk Assessment in New and Existing Industrial Systems in Energy, Oil & Gas.

More info
Tue 15 Oct
COURSE

EN61: Design and Implementation of Cybersecurity Recommendations in Zones and Conduits

More info
Tue 05 Nov
COURSE

EN62: Monitoring and Maintenance of Industrial Cybersecurity in Zones and Conduits

More info
Tue 26 Nov
PROGRAM

Industrial Cybersecurity Training Full Program

More info
Tue 26 Nov
COURSE

EN99: Handling and Management of Industrial Cybersecurity Alerts Applying the ISA/IEC-62443 Standard

More info
  • Tags:
    • Cybersecurity

Related content

courses (4)
EN99: Handling and Management of Industrial Cybersecurity Alerts Applying the ISA/IEC-62443 Standard

Cybersecurity

EN99: Handling and Management of Industrial Cybersecurity Alerts Applying the ISA/IEC-62443 Standard

More info
EN50: Industrial Cybersecurity Management for projects in the Energy, Oil & Gas sector

Cybersecurity

EN50: Industrial Cybersecurity Management for projects in the Energy, Oil & Gas sector

More info
EN61: Design and Implementation of Cybersecurity Recommendations in Zones and Conduits

Cybersecurity

EN61: Design and Implementation of Cybersecurity Recommendations in Zones and Conduits

More info
EN62: Monitoring and Maintenance of Industrial Cybersecurity in Zones and Conduits

Cybersecurity

EN62: Monitoring and Maintenance of Industrial Cybersecurity in Zones and Conduits

More info
News (4)
Institute of the Americas and Arpel sign memorandum of understanding at La Jolla Energy Conference 2024

Environment, Energy Transitions, Sustainability

Institute of the Americas and Arpel sign memorandum of understanding at La Jolla Energy Conference 2024

Within the framework of the XXXIII La Jolla Energy Conference, which took place on October 16 and... Read more
Trafigura: new active member of Arpel

Environment, Energy Transitions, Sustainability

Trafigura: new active member of Arpel

Arpel welcomes Trafigura as a new active member. Trafigura is a multinational commodity trading... Read more
Ancap and Ecopetrol Upstream Webinars: Exploration data management and reducing failures in artificial lifting systems

Cybersecurity, Digitalization, Production

Ancap and Ecopetrol Upstream Webinars: Exploration data management and reducing failures in artificial lifting systems

More than 200 professionals participated in the last two webinars to exchange best practices in... Read more
Arpel-CCI Webinar on the design of the matrix of roles and responsibilities in Industrial Cybersecurity

Cybersecurity

Arpel-CCI Webinar on the design of the matrix of roles and responsibilities in Industrial Cybersecurity

More than 110 professionals from Ancap, Ecopetrol, Enap, EP Petroecuador, Honeywell, Petroperú,... Read more
Events (3)
Arpel-Naturgas Week 2024

Refinement, Terminals, Gas

Arpel-Naturgas Week 2024

Arpel, the Association of Oil, Gas, and Renewable Energy Companies of Latin America and the... More info
Designing a matrix of roles and responsibilities in industrial cybersecurity

Cybersecurity

Designing a matrix of roles and responsibilities in industrial cybersecurity

Industrial Cybersecurity Best Practices Exchange Talks More info
Innovarpel 2025

Digitalization, Cybersecurity

Innovarpel 2025

Digital Transformation and Industrial Cybersecurity in the energy sector More info
Publications (4)
Industrial Cybersecurity Maturity Benchmarking in the oil and gas industry for Latin America and the Caribbean

Cybersecurity

Industrial Cybersecurity Maturity Benchmarking in the oil and gas industry for Latin America and the Caribbean

This manual provides a general description of the methodology developed by Arpel to carry out the... More info
Arpel Annual Report 2021

Cybersecurity

Arpel Annual Report 2021

This document compiles the activities carried out during 2021 to drive the four strategic lines:... More info
Arpel Annual Report 2020

Cybersecurity

Arpel Annual Report 2020

The document contains information on Governance and Membership of Arpel. In addition, it compiles... More info
Modelo I3. Cautivando el interés de la junta directiva en los temas de ciberseguridad

Cybersecurity, Security

Modelo I3. Cautivando el interés de la junta directiva en los temas de ciberseguridad

In an asymmetric information scenario and with permanent changes at the political, economic,... More info
Arpel Channel (4)
Arpel-Naturgas Week 2024 - April 8th to 12th in Cartagena de Indias

Environment, Energy Transitions, Sustainability

Arpel-Naturgas Week 2024 - April 8th to 12th in Cartagena de Indias

Watch video
Innovarpel 2023, first edition of a technical event dedicated to Digitalization and Cybersecurity

Digitalization, Cybersecurity, Supply Chain

Innovarpel 2023, first edition of a technical event dedicated to Digitalization and Cybersecurity

Watch video
VIDEO SUMMARY: Arpel-Naturgas Week 2024. From April 8th to April 12th in Cartagena de Indias, Colombia

Environment, Energy Transitions, Sustainability

VIDEO SUMMARY: Arpel-Naturgas Week 2024. From April 8th to April 12th in Cartagena de Indias, Colombia

Watch video
Arpel Webinar: Cybersecurity in the Industrial Cloud: Protecting the Connected Future

Digitalization, Cybersecurity

Arpel Webinar: Cybersecurity in the Industrial Cloud: Protecting the Connected Future

Watch video

Would you like to receive a notification when a new course is launched?

Subscribe now to receive updates about courses!

Subscribe

ASSOCIATION OF OIL, GAS AND RENEWABLE ENERGY COMPANIES OF LATIN AMERICA AND THE CARIBBEAN

Av. Luis A. de Herrera 1248, WTC, Tower 2, 7th Floor, Office 717. Montevideo, Uruguay.
Phone: (+598) 2623 6993 – Email: info@arpel.org.uy

Contact Us