What you will learn
NERC CIP is a field designed to protect the bulk electric system. The focus of this NERC CIP learning path is on having a stronger concept of understanding and the skill sets to immediately implement and assist your organization. Through this, you will gain fundamental knowledge of NERC CIP standards, as well as access to an expert compliance analyst.
Syllabus
Introduction to NERC CIP
Course — 00:41:37
In this learning path, we will explore the creation of NERC, the regional entities, key terms and a brief introduction to the CIP standards.
The CIP-002 standard
Course — 00:47:02
Explore best practices examples to correctly assess critical assets, as well as how to use this knowledge.
Cybersecurity personnel & training
Course — 00:36:09
In this course, we will learn about common system controls that can be utilized to meet requirements of CIP-004.
Electronic security perimeter
Course — 00:26:44
Explore the most common security practices that will give you an understanding of CIP-005 and how to remain compliant.
Cybersecurity physical security of BES cyber systems
Course — 00:39:03
Learn about operational and procedural controls to restrict physical access, unescorted access, monitoring and logging of access.
Cybersecurity system security management
Course — 00:38:05
Learn about the five additional security controls, ports and services, security patch management, malicious software prevention, security event monitoring and system access controls.
Cybersecurity incident reporting and response planning
Course — 00:30:53
Learn to mitigate the risk of your reliable operations by having a process to identify, classify and respond to a cybersecurity Incident.
Cybersecurity recovery plans for BES cyber systems
Course — 00:22:11
Learn of the common conditions for activation of a recovery plan and processes to mitigate the risk and recovering data.
Cybersecurity configuration change management and vulnerability assessments
Course — 00:45:10
In this learning path, we will focus on the requirements of CIP-010 and why good change management and TCA and RM programs are essential.
Cybersecurity information protection
Course — 00:18:03
Learn about proper ways to store and dispose of BES cyber system information with common security controls.
Security management controls
Course — 00:25:04
Learn the differences in requirements for CIP-003 from Medium to Low Impact and take a closer look at Low Impact requirements.
Cybersecurity supply chain risk management
Course — 00:14:41
CIP-013 is about supply chain risk management and what requirements are needed to be compliant. We will learn supply chain security risks and how to mitigate these risks.
Physical security (transmission stations and substations only)
Course — 00:19:08
This requirement helps your entity narrow down which locations would fall into scope.
Cybersecurity communications between control centers
Course — 00:11:47
In this learning path, we will learn about the mitigations that CIP-012 requires to protect data from unauthorized modifications.
Reliability standard audit worksheet (RSAW)
Course — 00:23:57
This learning path will go over what to expect on the RSAW, ERT and best practices when working with auditors.
Meet the author
Sean has eight years of experience as a project manager, CIP compliance analyst and risk management in the energy field.
The details
Learning path insights
How to claim CPEs
Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.
No software. No set up. Unlimited access.
Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every lnfosec Skills subscription so your team can skill up however they learn best.
Plans & pricing
-
Infosec Skills Personal
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
-
Infosec Skills Teams
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Related learning
You might also be interested in
-
Course
Cybersecurity recovery plans for BES cyber systems
As part of a compliance program, you are required to have a cybersecurity recovery plan in place in the event of an attack. If data is lost, it needs to be quickly recoverable.
Learn More
-
Course
Electronic security perimeter
CIP-005 is about managing your electronic security perimeter, which protects critical cyber assets that reside inside. You’ll also explore documenting all known access point to the perimeter
Learn More
-
Course
Cybersecurity configuration change management and vulnerability assessments
New devices are constantly being commissioned and may need changes over their lifetime of use. CIP-010 provides the requirements of preventing and detecting unauthorized changes and conducting vulnerability assessments to your BES cyber systems. Transient cyber assets (TCA) and removable media (RM) are not CIP-002 classifications and fall in their own category and pose unique challenges to your CIP defenses.
Learn More
You're in good company
We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.
Caleb Yankus
This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.
Daniel Simpson
We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.
Infosec Skills Teams client