CIP Security Awareness Training

CIP Security Awareness Training

Electric utility providers have employees and contractors who have authorized cyber or unescorted physical access to BES Cyber Systems. Given the critical role they play in our society, electric utilities are subject to federally mandated North American Electric Reliability Corporation (NERC) reliability standards and are required to comply with its training requirements or face potentially significant financial penalties. The SANS CIP Cyber Security Training is computer-based, was developed to address the requirements of NERC CIP-004 R2, and is NERC CIP Version 6 ready! Training includes 13 modules averaging 5 minutes in length. Click here to learn more.

Let SANS be your CIP training "Easy Button" tracking the changing NERC CIP requirements and making needed adjustments to the training content so you don't have to!

Download Now: CIP Recurring Tasks Checklist

The CIP Standards and requirements have many dates and activities necessary for compliance. There are A LOT of recurring tasks that can easily slip through the cracks. The PDF here is an outline of timing for performing against various CIP standards. Download the CIP Recurring Tasks Checklist today and share it in your organization.

CIP Cyber Security Training: Introduction Video

You can watch the CIP Cyber Security Training introduction video below and request a free demo here.



Security Awareness Training Modules

CIP Cyber Security Training Modules Addressing CIP-004-6 R2
  • Introduction
  • Terms and Definitions
  • Operating Interconnected and Interdependent BES Cyber Systems
  • Asset Identification and Requirement Applicability
  • NERC CIP Policy Requirements
  • Electronic Access Controls
  • Physical Access Controls
  • Protecting BES Cyber System Information
  • Incident Response
  • BES Cyber System Recovery
  • CIP V3 to V6 Delta
  • CIP014-2 Overview
  • Conclusion

Module Description and Requirements Mapping: To view module descriptions/times and a mapping to the CIP-004-6 R2 and CIP-003-6 R1.1 Requirements, please Download

In addition to the CIP Cyber Security Training modules listed above, we recommend you utilize the STH.EndUser program to satisfy Cyber Security Awareness requirements in NERC CIP-004 R1 and CIP-003*. Below is a sample of the modules available with that program.


STH.EndUser Modules Addressing CIP-004-6 R1 and CIP-003-6 R1.2
  • You Are the Target
  • Social Engineering
  • Email & Messaging
  • Browsing
  • Social Networks
  • Mobile Device Security
  • Passwords
  • Encryption
  • Data Security
  • Data Destruction
  • Wi-Fi Security
  • Working Remotely
  • Insider Threats
  • Help Desk
  • IT Staff
  • Physical Security
  • Protecting Your Personal Computer
  • Protecting Your Home Network
  • Protecting Your Kids Online
  • Hacked
  • Senior Leadership
  • Advanced Persistent Threat
  • Cloud
  • International Travel
* Low Impact BES Cyber System requirements are contained in NERC CIP-003-5 R2.1 and CIP-003-6 R1.2.1.