Options
Passed GCIP
the exam associated with ICS456 fundamentals of critical infrastructure protection. this is the 4th SANS course / GIAC exam I have done since Apr 2017, and it was by far the hardest exam. It's not super technical, but there are lots of moving pieces that have to fit together correctly or your program will not be compliant and the NERC auditors will nail you, with the potential for huge fines.
I took the class in association with the ICS Summit in Orlando. It was pretty well structured and one thing they did that I really liked was group topics logically instead of just starting with CIP 002 and working down. Electronic Security Perimeters and Physical Security Perimeters share characteristics so they got taught consecutively. Configuration Management and Patch Management same thing. There were also a lot of lessons learned that were passed on and given that some major changes have occurred in the CIP arena it was worthwhile, even though I am not actively working in the CIP space at the moment.
A lot of industries are talking about adopting CIP with tweaks to make it fit in their area of interest so it's a class worth looking at.
I took the class in association with the ICS Summit in Orlando. It was pretty well structured and one thing they did that I really liked was group topics logically instead of just starting with CIP 002 and working down. Electronic Security Perimeters and Physical Security Perimeters share characteristics so they got taught consecutively. Configuration Management and Patch Management same thing. There were also a lot of lessons learned that were passed on and given that some major changes have occurred in the CIP arena it was worthwhile, even though I am not actively working in the CIP space at the moment.
A lot of industries are talking about adopting CIP with tweaks to make it fit in their area of interest so it's a class worth looking at.