ICS Training Available Through CISA
CISA offers free industrial control systems (ICS) cybersecurity training to protect against cyberattacks on critical infrastructure, such as power grids and water treatment facilities. CISA’s ICS training is globally recognized for its relevance and is available virtually around the world. Below, the training options are separated and categorized into two groups: the web-based training available on the CISA Virtual Learning Portal (VLP) and the instructor-led training.
On Demand Web-Based Trainings
We offer several online training courses via the Training VLP. These courses are available as soon as a VLP account is created, and additional relevant content is added regularly. These trainings are offered 24/7, year-round.
Begin your new learning experience by visiting the VLP and filling out the registration form. A corporate, government, military, or education email address is required for registration. There are no tuition costs for these courses.
Topics covered in the web-based trainings include:
- Operational Security (OPSEC) for Control Systems (100W) – 1 hour
- Differences in Deployments of ICS (210W-1) – 1.5 hours
- Influence of Common IT Components on ICS (210W-2) – 1.5 hours
- Common ICS Components (210W-3) – 1.5 hours
- Cybersecurity within IT & ICS Domains (210W-4) – 1.5 hours
- Cybersecurity Risk (210W-5) – 1.5 hours
- Current Trends (Threat) (210W-6) – 1.5 hours
- Current Trends (Vulnerabilities) (210W-7) – 1.5 hours
- Determining the Impacts of a Cybersecurity Incident (210W-8) – 1.5 hours
- Attack Methodologies in IT & ICS (210W-9) – 1.5 hours
- Mapping IT Defense-in-Depth Security Solutions to ICS – Part 1 (210W-10) – 1.5 hours
- Mapping IT Defense-in-Depth Security Solutions to ICS – Part 2 (210W-11) – 1.5 hours
- Industrial Control Systems Cybersecurity Landscape for Managers (FRE2115) – 1 hour
ICS Training Calendar
To view all upcoming ICS Instructor-Led and Regional Trainings, please visit the ICS Training Calendar.
Scheduled Online Courses
The scheduled online training courses are instructor led and usually begin the first Monday of the month. Student have three weeks to complete the training. There are no tuition costs for these courses.
In-Person Trainings
The instructor-led ICS training in-person events are hosted by the Idaho National Laboratory and take place in Idaho Falls, Idaho. There are no tuition costs for these courses.
Regional Training Events
We also have virtual regional trainings that take place during the Regional Training Events hosted by the 10 CISA regions. These events include the 101, 201 or 202 courses. Students should coordinate with their CISA Regional Office to attend these events. There are no tuition costs for these courses.
Register Now
Visit the CISA Virtual Learning Portal (VLP) to register for one of the many ICS web-based trainings.
Contact Information
To ask a question or provide other feedback on ICS training, contact us at ICStraining@inl.gov.
Frequently Asked Questions
- Which types of courses are relevant to me?
The ICS courses are designed for individuals who are responsible for evaluating or influencing the cybersecurity posture of critical infrastructure. This could include any number of specific roles and responsibilities, such as cybersecurity management and risk management personnel, information technology and control system (operational technology [OT]) security personnel, network engineers, OT engineers, and managers. The classes are geared toward small- to medium-sized companies with no OT risk management personnel, but all ICS courses are open to everyone.
- Who can register for courses?
These courses are available to all who have a corporate, government, military, or education email address. After a student creates a VLP account, they are eligible to register for the ICS courses. For the scheduled virtual and in-person trainings, all students will be waitlisted initially and an approval email will be sent to students one to two weeks before the course starts.
Please visit the various training pages to see if a training has any prerequisites before registering.
- Do I need to bring anything with me to the in-person trainings?
Students are not required to bring anything to the training, but they are welcome to bring anything they wish and use it during the exercise.
- What happens if I can’t make a training I previously registered for?
If you are approved for a class and cannot attend, please contact nhs-training@inl.gov as soon as possible. If a student does not show up for a class they have registered for, they have cost someone else a seat. For this reason, no-shows will not be invited back.
Privacy Act Statement
Authority: 5 U.S.C. § 301 and 44 U.S.C. § 3101 authorize the collection of this information.
Purpose: The information on this website is intended for government cybersecurity professionals who are participating in the Department of Homeland Security (DHS) Industrial Control Systems (ICS) Program and for cybersecurity professionals who would like more information on implementing a continuous monitoring program. The primary purpose for the collection of this information is to allow the DHS to contact you about your registration using an approved version of Adobe Connect for the DHS ICS training program.
Routine Uses: The information collected may be disclosed as generally permitted under 5 U.S.C. § 552a(b) of the Privacy Act of 1974, as amended. This includes using the information as necessary and authorized by the routine uses published in DHS/ALL-002 - Department of Homeland Security (DHS) Mailing and Other Lists System, November 25, 2008, 73 FR 71659.
Disclosure: Providing this information is voluntary. However, failure to provide this information will prevent DHS from contacting you in the event there are queries about your request or registration.