Cybersecurity Technician – Implementation

This is a 5 day practice-oriented training course held by the accepted course provider Phoenix Contact as part of the TÜV Rheinland Cybersecurity Training Program

The training consists of two parts:

1. Three days of theoretical part, contents largely congruent with the training "Fundamentals of Cybersecurity".
2. 1.5 days of practical exercises applying and implementing selected measures from the theoretical part in a laboratory environment.

Employees (technicians, engineers, foremen, skilled workers) of operators and service providers who are primarily involved in the implementation, operation, maintenance, and management of IACS in the field.

Upon completion of this training, participants should be able to:

• describe the principles of security and cybersecurity management and the key features of industry standards and technical reports;
• understand the fundamentals of industrial communication networks and related technology;
• understand the requirements for communications protocols, routing and segmentation;
• identify key countermeasure, design, operations, and maintenance requirements related to cybersecurity lifecycle phases, roles, and responsibilities;
• understand the requirements for organizational security, technological and economic impact, planning, and recovery in terms of policies, procedures, guidelines, and competency requirements;
• understand the requirements for proper inspection, operation, maintenance, and modification of installed cybersecurity measures as required by various security standards;
• understand and technically implement the requirements from documents for implementation and operation, e.g., Cybersecurity Requirement Specification CRS.

Basic knowledge of IACS, industrial communication protocols, and functional safety is required.

The training ends with a 3 hours exam, which is composed as follows:

• Multiple Choice: 75 questions related to Cybersecurity fundamentals, maximum time 2 hours
• Open questions,:8 questions related to the practical exercises, maximum time 1 hour.

Both parts of the exam are conducted and evaluated separately.

For both parts of the exam a pass rate of 75% applies.

In case all requirements are met, participants receive the recognized "Cybersecurity Technician (TÜV Rheinland)" certificate and are listed by name as "CySec Technician - Implementation" in the TÜV Rheinland CERTIPEDIA database.

The certificate is an internationally recognized qualification in the industry that demonstrates the knowledge required to practically implement the cybersecurity requirements of IACS.

The following requirements apply:

• Passing both 'Fundamentals' and 'Practical' exams with at least 75% pass rate each.
• At least 2 years of relevant work experience in one or more of the areas of installation, commissioning, testing and maintenance of automation and/or security (IACS) systems.
• Evidence of technical training, national certificate or diploma in a relevant technical discipline or degree (Bachelor, Master, Dipl.-Ing.).
• Alternatively, experience and responsibilities confirmed in writing by employer.
• Individuals who do not have the required work experience may take both the training and the exam. If both parts of the exam are passed successfully, the certificate will be issued as soon as the required 2 years of work experience is demonstrated.

Persons, who have already attended the training course "Fundamentals of Cybersecurity" and passed the exam only have to take part in the practical exercises and the 2nd exam part (subject to availability).

In these cases, the "Letter of Confirmation - Fundamentals of Cybersecurity" issued by TÜV Rheinland is mandatory as proof in order to get the CySec Technician (TÜV Rheinland) certificate.

For more details on dates and venues, as well as costs, etc., please contact us directly.