WisePlant – A WiseGroup Company
2160: Assessment of Industrial Cyber Risks in Zones and Conduits 1

2160: Assessment of Industrial Cyber Risks in Zones and Conduits

Recommend or Share:

Develop all the necessary tools to execute the Industrial Cyber Risk Assessment, complying with all the requirements of the ISA/IEC-62443 series of standards, with ease, speed and ensuring compliance. The methodology for the assessment of cyber risks correctly is essential to make the right decisions with the main objective of creating industrial infrastructures resilient to all types of threats, even the most persistent. The course is developed entirely with the Zones & Conduits Manager system and mainly with the ASSESS Software module, covering 100% the needs of the Industrial Cyber Risk Assessment Phase for existing or new systems.

At the end of the 2160 course, you will be able to:

  • Properly interpret the requirements of the ISA/IEC-62443 series of standards for the Cyber Risk Assessment (ASSESSMENT) phase.
  • Develop all these risk assessment activities successfully, employing a minimum amount of time, devoting most of it on the value activities.
  • Correctly identify the system under consideration, whether these existing or future systems, starting at engineering stages.
  • Participate in and lead a detailed Cyber Risk assessment based on realistic consequences.
  • Make good decisions consistently with other industrial risk disciplines.
  • Develop a clear and effective action plan for risk reduction according to the company’s risk matrix and risk tolerance.

Course Contents:

  • Interpret the requirements and understand the necessary activities to be carried out during the Cyber Risk Assessment (ASSESSMENT) phase with Zones & Conduits Manager.
  • Configure install and operate the Zones & Conduits Manager system to:
  • Accurately identify the complete list of cyber-assets that constitute the system under consideration, including Hardware, Virtual Machines and Software. Including all levels of the PERDUE model and all Cyber-Assets connected to networks and those that are not.
    • Configure and use the Midget Inspector to identify Cyber-Asset inventories in a practical, economical, manual, safe and complete way.
    • Install, configure and use the Zone Analyzer to continuously identify and monitor 7x 24 and passively the Industrial Cyber-Assets.
    • Install, configure and use the Duct Analyzer to continuously identify and monitor, 7×24 and passive industrial networks and their protocols.
  • Configure and use the ZCM Server to identify vulnerabilities of all Cyber-Assets that are part of the System under Consideration. Including Public Vulnerabilities (existing in global databases), Private Vulnerabilities (typical of the particular installation of the SuC), and zero-day vulnerabilities.
  • Model the initial Zones and Conduits currently existing in the System under Consideration (SuC).
  • Model the Industrial Cybersecurity risk matrix to be used to calculate Industrial Cyber Risk in a repeatable and auditable way.
  • Develop an organizational maturity assessment against global best practices, including ISA/IEC-62443 and C2M2 and how to use other models.
  • Develop security breach assessments against global best practices, including: ISA/IEC-62443 and others.
  • Model the company’s Assets and identify all potential consequences for the hazard identification technique and criticality analysis of all SuC Cyber-Assets.
  • Participate in and conduct a detailed cyber risk assessment according to the ISA/IEC-62443 risk assessment methodology.
  • Develop the necessary Recommendations to reach the Tolerable Risk by the organization.
  • Prepare the necessary reports with the necessary recommendations regarding technology, systems, policies, procedures, best practices and until the maturity of the organization.
  • Create the Dashboard with the objectives that will be necessary to incorporate in the implementation phase, (IMPLEMENT).

Practical exercises to be done in class:

  • Identification of Cyber-Assets using different techniques and tools, automatic and manual.
  • Interpret the results of the different results and used to model the SuC in Zones and Initial Ducts. (Existing As-Is).
  • Identify Technological Vulnerabilities (CVEs,..), procedural and administrative, using the resources available in the ZCM created for this purpose.
  • Interpret the results of an existing HAZOP study to obtain relevant information that will be used in the risk assessment and configuration of the ZCM system.
  • Determine the Target Safety Level for each Zone and Conduit.
  • Detailed Risk Assessment on Zones and Conduits of a system in an example plant to make decisions that serve for the mitigation of industrial cyber risks.
  • Produce a final report with recommendations for improvement to be implemented in the SuC, the plant and the organization.
  • Monitor Zones and Conduits continuously for changes, intrusions, and malware. (This topic is developed intensively in the MAINTAIN course.)


  • Course Material.
  • Access to the Educational Campus.
  • Complementary material in digital form available on the academic campus.


It has no specific requirements. It is recommended that the professional has knowledge of any of the following topics:

  • Systems of Supervision and Automation of Industrial Processes.
  • Industrial protocols, such as: Modbus, Profibus, Ethernet/IP, OPC or others.
  • Instrumented safety and functional safety systems. ISA84 Committee Standards.
  • Experience in plants and industrial processes.
  • ANSI/ISA 5.1 Process Symbology Standard
  • IsA95 industrial data flow and information management standard.
  • Industrial Cybersecurity Standards published by the ISA99 committee.
  • Information cybersecurity (IT) and domain of data networks.

Certificate: Specialist in Cyber Risk Assessment in Industrial Systems

  • CRE Credits: 1.6
  • The exam to obtain the certification is taken in class at the end of the course. Available in Spanish, Portuguese, and English.


All participants who meet the course requirements and who successfully pass the final exam with a good grade will be awarded a Digital Badge. The Digital Badge certifies that the participant has attended the 2160 training course and has taken the final evaluation test with a good grade, verifying that said participant has assimilated the new knowledge reasonably.