GIAC’s Global Industrial Cyber Security Professional (GICSP) validates “an understanding of IT, engineering, and cyber security to achieve security for industrial control systems from design through retirement. Professionals holding the GICSP have the knowledge to work with a diverse set of professionals who engineer or support control systems and share responsibility for the security of these environments.”
Disclaimer: experience in the field provided the much needed context that only comes from being immersed in securing complex ICS environments and the many technical/process rabbit holes you’re forced into daily.
I attended employer funded on-demand SANS ICS410 course as part of my annual development goals. I did not take time off of work for the course. Instead, I set a rigorous completion schedule for the 5 day course:
- All day Saturday & Sunday
- 2 – 3 hours per evening Monday – Friday
I used Lesley Carhart’s (@hacksforpancakes) GIAC Indexing Guide published here.
I completed the SANS ICS410 course and studied off and on for a few weeks afterwards. I took the practice exams after each module and invested time in weak areas before moving to the next module.
The course is broad and covers other types of ICS components, such as those used in manufacturing environments. Therefore, even if you have ICS experience in a power utility, you should expect to encounter new subject matter that requires additional research outside of the course.
After finishing the course, I set a daily reading goal of 1 – 2 hours per day. Some days I did more, some days less, and some days I did not study at all.
The practice tests in the course are meant to reinforce the knowledge gained in the course, not pass the GIAC exam. GIAC has its own practice exams that simulate the real environment.
I took the first practice exam and did okay. Although I was tempted to take the second practice exam right after, I took Lesley’s advice and stepped away from the ledge. The practice exam is 3 hours long just like the real exam, so unless you want to have a CISSP anxiety & stress level day, give yourself time between practice tests.
I scored higher on the second practice exam, so I felt comfortable scheduling the actual exam.
My first exam attempt was at a testing center. As luck would have it, the electricity went out in the middle of our exams!
I contacted GIAC and was allowed to schedule a remote proctored exam. I was able to pick up where I left off at the exam center. I love tech!
Although my drivers license & a credit card were acceptable forms of ID at the testing center, the remote proctor required two forms of government ID. Apparently that was a recent change, so make sure you have a drivers license + passport, voter ID card, or some other form of government issued ID with the name that matches your exam record.
Process from start to finish: 3 weeks.
I will be the first to admit that I had unhealthy work habits before COVID-19. Being in quarantine with insomnia exacerbated working and/or reading too much. I do not recommend my self-imposed aggressive schedule to complete goals, but I’m sharing so you can take pieces of this and build your own certification strategy.
Feel free to reach out if you have additional questions.
No, I cannot give you my SANS materials.
Keirsten Brager is a Lead Security Engineer/NERC-CIP SME in critical infrastructure and was recently named one of Dark Reading’s top women in security quietly changing the game. She is also the author Secure The InfoSec Bag: Six Figure Career Guide for Women in Security. She produced this resource to help women strategically plan their careers, diversify their incomes, and fire bad bosses. Keirsten holds a M.S. in Cybersecurity and several industry certifications, including GICSP & CISSP. As an active member of the Houston security community, Mrs. Brager has participated in a number of panels and public speaking engagements promoting strategies for success. In her free time, she loves sharing career advice, studying Black history, and convincing women not to quit the industry.