About GICSP

rajeshkalluri

Hi,
Can some body provide info regarding GICSP.
Is it possible to take up self study to pass this? Can some body suggest references for this


Thanks & Regards,
Rajesh

cyberguypr

I'm assuming you mean GISP. I am always curious as to why people do this cert instead of CISSP. Although in the other thread you said you would go for CISSP. I'm confused.

But to answer your question, yes, you can self-study for any GIAC test. No requirement to take the course although it definitely helps.

rajeshkalluri

Actually i am referring to GICSP only ...
Industrial Cyber Security Certification | GICSP | GIAC Certifications

And it's true ... in other thread i told that, i was planning to go for CISSP ... Thanks for remembering me ...

I am preparing for CISSP and i am exploring for GICSP ...

main factor is ... i am more into the industrial cyber security than information security ...

That's why, i am looking at some help to know which is relevant for me ...

Thanks for your reply ...

cyberguypr

Got it! That make more sense.

SoCalGuy858

Selfish bump. I'm also highly interested in the GICSP. My company deals with IoT / SCADA / etc. systems, so this seems to be right up my alley.

broli720

Honestly I have mixed feelings about GICSP. On one hand the control system knowledge is beneficial, but I firmly believe that it should not and does not give someone the credibility to implement security solutions on a control system. The control system arena is calling for more technical IT professionals (not just auditors/assessors) to deal with the dynamic environment we live in today. This is made especially worst with the IoT era.

I think the control system knowledge it gives you is great, but that could be covered in a class and not a certification. The IT side is a different animal than OT. I'd rather teach a competent sys/network admin with a security background about control systems than the other way around. Just my two cents.

BlackBeret

I'm considering taking the course for this cert myself. While I know that it's always possible to self-study, this is a field that I'm interested in yet know little about. With that I think I would benefit more from the course than having the certification. As Broli said, this course doesn't seem to contain a lot of security information that I'd like, but the basics for ICS are there. Beyond the GICSP course there are other classes, such as SANS SCADA/ICS penetration course, that do not have certs attached to them. Those courses would be my end goal if I were to study the ICS area.

sr2000

Hello-
I am planning to take ICS course and go for the GICSP exam in next 6 weeks, it would be interesting to hear from anyone who took the exam (GICSP) in last months on how to approach the GICSP exam?

BlackBeret

sr2000, are you taking the course in Houston?

sr2000

Yep, that's the plan. What about you?

BlackBeret

That was the plan but I'm working on moving to a new company, if that happens I wont be able to take off that soon.

sr2000

Good luck BlackBeret on the new role. Are you planning to take GICSP exam in next few weeks?

ravis22

sr2000 or BlackBeret... have either of you taken the GISCP exam yet? I'm in the Houston area myself and am just starting to look at the material now and plan on taking in the next few months. Any pointers or tips??

BlackBeret

No, I made the move to the new company and they have some other cert requirements. I'll be taking GCIA, GCIH, then trying to GICSP. The benefit is this company pays for certs, so I'm happy with pushing it back a bit in order to save myself the money.

Jebjeb

** NM passed it, Books not needed.

Johnnynogood

Hi,
Since this certification is supposed to be based upon an open body of knowledge, where can I find a list of recommended study materials? I noticed a few posts mentioning the books and not needing them(Jebjeb included), I'm good at self driven learning, I'm willing to give it a go.
Surely there is another source outside the $5-10k asked through SANS and the like...

I have been looking around online but all I can find is search results flooded with expensive courses mostly located in the US, I dont see why if we only have access to the online content in Australia why there isnt a source list to study not through SANS and then just do the exam.

Girisiva

Hi,

Can someone help me on the self study materials.

sougat

Can somebody point me to some relevant study material for GICSP without paying for SANS expensive course materials. Thanks.

appezatto

I'm currently taking the online training for GICSP thru SANs OnDemand ICS410. My personal opinion about this whole ICS thing (even after taking the DHS training a while ago) is that roughly 20% is ICS related (when you actually learn what it is and its components) and 80% is attack and defense that you learn in CEH related courses. At the end of the day, there are computers and network involved and that is what you need to protect prior the attacker to get into one or more PLCs and ultimately cause damage to whatever Industrial process is in the other end. The training will walk you through the ICS stuff, some ICS protocols, network defense, operating systems (linux and windows) defenses and etc. While it is important to have a good understanding on the ICS stuff, the topic it is really on how to defend your network. HTH.

sb97

I had to take an early version of the class and test for work. At the time I was working in a MSSP environment and one our clients paid to send the analysts and engineers assigned to the account to the class. I switched jobs not long after passing the test so I no longer work in an ICS/SCADA related role.

TBH, I had not done much work that was specific to ICS/SCADA-environments. I only used the SANS books as training references to pass. So I cant really give any good recommendations on external references. The material for this class was more focused on terminology than the other SANS courses I have taken (GCIA and GCFE). I remember the test being more focused on standards and concepts than on scenarios.

theant

I have talked to the chair of the group that created the GICSP who recommended the class for resume dressing for me.

Almost all I have is real world experience. Get this, in my case most employers do not give you a second look without certs, in folks who have the certs they get no attention because they don't have experience. I will take the GCISP I guess to make myself a unicorn.

I am told that one gets a leg up in ICS experience. I have some of all all of that stuff on me. Electronics, Industrial Automation hardware ad software and "grew up" as Ethernet and TCP/IP and other protocols came on.

The huge thing is the importance of availability and reliability. If an IT LAN loses connectivity, somebody cannot access their database and is unproductive. Subverted industrial control LANs on the other hand can cause people to get killed if a chemical plant or some automation goes haywire. Industrial control people want people who have worked in that arena and knows the feeling when plant operators are running back and forth between safety gear and controls while alarms are sounding. They run faster if the automation and informational tools are not available. They need their HMIs and graphs, and alarms software to understand what is happening and to make changes to fix problems.

Imagine you're working on hardware in a congested maze of cables in a cabinet and your fellow hardware guy says "Pull the power from the floppy drive." Yes, it was a long time ago. You pull the plug and he says "Uh Oh!" and you start hearing alarms and operators rush in asking if you did anything. So I ask, "What happened?" He says, sometimes when you pull power to the floppy drive it shuts down the control computer... and it did this time!" We explained what happened and the lead operator said, it really isn't a problem, "Just shut down a turbine and we will restart it." The longer it was down the longer it would take to stabilize and put back online... read, "money". Any unplanned shutdown of chemical plant controls carries increased risk to personnel. Many Ethylene and other boomish or poision hazard plants permit only essential skeletal manpower on startup and shutdown because of risk even when planned.

https://files.sans.org/summit/icsapac13/PDFs/Global%20Industrial%20Cyber%20Security%20Professional%20Certification.pdf

sb97

If you are going to take the class then brush up on the various regulatory groups/ISO standards. My test felt weighted towards those and the notes in the book didn't always provide a clear answer. (In full disclosure, I took an early version of the course and test in 2014. Things have likely changed quite a bit).

I changed jobs last year and I did get a screening call from a recruiter specifically because I had the GICSP. The job was not what I was looking for and I was certainly not qualified. My background is as an analyst and they were looking for more of an engineer/architect. The reality is that certs can get you past the automated screening techniques that recruiters tend to use.

Talhariasat

Hi I am planning to take GICSP certification. Please advise from where I can get studyou material without spending 5-6 k $$.

636-555-3226

Real-life experience. There aren't a lot of books around securing ICS. GICSP is relatively basic for those who live in the ICS world, so if you've already got some ICS security years under your belt you should be OK. Otherwise, good luck in finding an alternate resource!