My Journey to Achieving the GICSP Certification Through Self-Study

I'm thrilled to share a critical achievement in my career path – conquering the Global Industrial Cyber Security Professional (GICSP) certification, a crown jewel in OT/ICS Security, endorsed by GIAC and SANS. What makes this moment even sweeter is that I charted my path to success through self-directed study, harnessing a variety of available resources and a select few specialized materials After numerous requests from my LinkedIn family, I'm writing this to share my study strategy with you all.

Beginning our exploration, let's first understand what the GICSP is and determine the ideal individuals who should consider pursuing this exam.

The GICSP (Global Industrial Control System Security Professional) is a prestigious cybersecurity certification for those who focus on keeping industrial control systems and networks secure. It's perfect for control system engineers/automation professionals who are keen on learning more about cybersecurity in their field. It's also suited for IT cybersecurity engineers and administrators who want to dive into the world of industrial control systems and operational technology security. If you're in one of these roles and eager to expand your cybersecurity skills, this certification is designed for you.

Decoding the GICSP Map

I started my journey by exploring the GICSP website, getting a solid feel for what the exam is all about. This was one of the major steps as it helped me to understand the requirements and expectations of the exams, i was able to find the following areas of the exam:

• Industrial control system components, purposes, deployments, significant drivers, and constraints
• Control system attack surfaces, methods, and tools
• Control system approaches to system and network defense architectures and techniques
• Incident-response skills in a control system environment
• Governance models and resources for industrial cybersecurity professionals

Study Material that helped me cover the exam areas.

• SANS Digital Library: A wealth of resources, from videos to whitepapers, illuminated my path.

White Papers :

https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls

https://sansorg.egnyte.com/dl/R0r9qGEhEe

https://www.sans.org/white-papers/39485/?msc=blog-ics-library

https://www.sans.org/white-papers/38515/?msc=blog-ics-library

https://www.sans.org/white-papers/37845/?msc=blog-ics-library

SANS Youtube Official Channel and ICS/OT Security Videos

https://www.youtube.com/watch?v=OEw6j6slYY4

https://www.youtube.com/watch?v=5Pip8jcKZh0

https://www.youtube.com/watch?v=tRJWsIOV2oU

• Mike Holcomb Columns and Study Guides: Mike stands out as an extraordinary leader in the OT/ICS space, one of the finest our community has to offer. His writings were instrumental in my study, offering a deep understanding of both the basics and more complex aspects of OT cybersecurity. I highly recommend checking out his work for invaluable insights.

https://www.dhirubhai.net/posts/mikeholcomb_cybersecurity-automation-engineering-activity-7158851597639237632-Siy0?utm_source=share&utm_medium=member_desktop

• NIST Publications: These were my navigational stars, guiding me through complex concepts with clarity. Following are the special publications I have used during my exam study (NIST 800-53, NIST CSF, NIST 800-82, NIST 800-61).?? https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final?? https://csrc.nist.gov/pubs/sp/800/82/r3/final?? https://www.nist.gov/cyberframework
• CISA's Online Learning: CISA's Online Learning platform was a big help in my study, showing me how things work in the real world of Industrial Control Systems (ICS). These online courses are available free of cost and real help factor in the study https://www.cisa.gov/ics-training-available-through-cisa
• YouTube Educational Series: These videos are very helpful for people who are coming from IT Cyber-Security Backgrounds into ICS/OT Cybersecurity, they cover from basic to advanced levels concepts in OT Cybersecurity and will help in bridging the gap of the exam.https://www.youtube.com/playlist?list=PLI78ZBihrkE1EpPaG79hQFuEIN9_35EbA

Preparing the CyberLive/Labs

The practical portion of the GICSP, the CyberLive labs, was like navigating through a storm. You must have good command over tools like Nessus, Wireshark, Nmap, SQLMap, and Burpsuite; Moreover, you should be proficient in using/troubleshooting and logging in Windows and Kali Linux.

I have made my On-Premises Lab consist of VMs (Windows+Linux) for practicing these tools and their usage.

Sourabh Suman Master ICS/OT Cybersecurity: Fundamental to Advanced Course is one of the keys for me to develop labs related to Linux and Cryptographic (Hash, Encryption Keys)

https://www.udemy.com/course/master-ot-ics-security-2/?couponCode=MODBUS

Books I have utilized for the study

1. Practical Industrial Cybersecurity: ICS, Industry 4.0, and IIoT by Craig, Philip A.; Brooks, Charles J.
2. Industrial Cybersecurity: Efficiently secure critical infrastructure systems by Ackerman, Pascal

Making Indexes of the Notes/Study Material

Notes Indexes are key to success in efficiently utilizing the exam time, the exam is an open book and you need to consult the notes/books frequently during the exam, the better indexes you make the better time will be managed in the course of the exam.

Lesley Carhart has defined a wonderfull approach for making the indexes for the SANS Exams and this technique helped me in making mine.

https://tisiphone.net/2015/08/18/giac-testing

Setting Sail for the Exam.

1. After investing a considerable amount of time in exam preparation, I decided to undertake a practice test to assess my current level of competence and identify any areas of weakness that required further attention. Upon my initial attempt, I successfully passed the practice test, although it still highlighted one or two areas necessitating additional study.
2. Following five days of practice testing, I proceeded to schedule the actual exam at a Test Center. Arriving at the center 30 minutes before the appointed time facilitated the completion of pre-exam procedures seamlessly. Three hours later, I emerged from the examination room with the elation of having successfully cleared the exam, an indescribable feeling of joy washing over me

Reflecting on the Journey

Conquering the GICSP was more than a test of knowledge; it was a journey of self-discipline, strategic study, and practical navigation. It sharpened my skills, pushing me to explore new horizons in OT networking and cybersecurity.

I hope my journey inspires future explorers of the GICSP certification. I like to thank the SANS Institute for designing such a great exam that transformed the skills of ICS/OT Cyber Security Consultants/Engineers/Architects.