NERC CIP Cyber Security Training Details

NERC CIP Cyber Security Training Details

SANS Computer-Based CIP Training Program

Consists of two parts: CIP Cyber Security Training and End User Security Awareness Training

Designed by an unrivaled team of CIP experts and advisors

Our in-house team of experts, a former NERC officer, former directors of CIP Compliance departments and an advisory panel of industry practitioners created the SANS CIP Cyber Security Training. They aligned the content exactly to each of the NERC requirements: When you sit down across the table from your auditor you can be confident they'll clearly see how your training program meets the standard requirements.


CIP Cyber Security Training

Includes 13 CIP-specific modules designed to address the requirements of CIP-004-6 R2

End User Security Awareness Training

Utilizes a proven framework based on the 20 Critical Security Controls and includes 24 security awareness modules aimed at changing user behavior and reducing risk covers the cyber security awareness training requirements of CIP-004-6 R1 and CIP-003-6 R2, Attachment 1.


Guaranteed updates and customization

Never fall behind with guaranteed updates. CIP-004 R2 requires that your organization train on entity- specific policies and we've designed the training program to enable you to add direct links to your security policies following each module. Each module also includes an online quiz to verify the user's comprehension of the CBT content.

Keeping the CIP training content updated and relevant is critical to the success of any security awareness program. SANS updates the training content as needed and these updates are delivered free of charge to all active CBT license holders. The training modules are designed to be hosted on the SANS Advanced Cyber Learning Platform (ACLP) or your organization's own SCORM-compliant LMS. All of the CBT training is U.S. Federal 508/ADA compliant.


Overview video of NERC CIP Cyber Security Training

Learn More about CIP Cyber Security Training


SANS 5-day CIP Training Course: ICS456 - Essentials of NERC Critical Infrastructure Protection

For those responsible for CIP compliance implementation

The course empowers students with knowledge of the "What" and the "How" of the Version 5/6 standards. The course addresses the role of FERC, NERC and the Regional Entities, provides multiple approaches for identifying and categorizing BES Cyber Systems and helps asset owners determine the requirements applicable specific implementations.

"This is best-in-class NERC CIP training. The courseware provides valuable compliance approaches and software tools for peer collaboration to build consent on implementation."
- Jeff Mantong, WAPA

The Essentials for NERC Critical Infrastructure Protection 5-day course is designed for:

  • IT and OT (ICS) cybersecurity
  • Field support personnel
  • Security operations
  • Incident response
  • Compliance staff
  • Team leaders
  • Governance
  • Vendors / Integrators
  • Auditors

ICS456 was developed by SANS ICS team members with extensive electric industry experience including former Registered Entity Primary Contacts, a former NERC officer, and a Co-Chair of the NERC CIP Interpretation Drafting Team. The authors bring real-world, practitioner experience gained from developing and maintaining NERC CIP and NERC 693 compliance programs and actively participating in the standards development process.