NERC CIP Security Awareness Training

Ensure NERC CIP training is not just compliant — but effective.

Train All NERC CIP Personnel with Confidence and Ease

SANS Security Awareness NERC CIP training is designed to meet the needs of the heavily regulated and constantly evolving electrical utilities industry. The most up-to-date curriculum addressing CIP-004 requirements on the market, our training equips companies with a simple, continually updated and cost-effective solution that goes beyond CIP compliance and actually changes human behavior.
Learn from the industry's best and brightest
Cover all facets of NERC CIP
Utilize security awareness and cyber training
Simplify training and reporting

Leveraging input from an advisory board of the most well-known influencers in the space, our NERC CIP training is developed by industry practitioners and cognitive experts who guarantee training meets the latest requirements, addresses the latest challenges and makes a lasting impact.

Training modules examine the role of FERC, NERC, the Regional Entities and the development of the CIP Reliability Standards, as well as key terms, definitions and policy requirements. Even more, the convenience of pre-built and auto-updated training frees up organizational resources typically tasked with NERC CIP training, resulting in huge savings in both time and costs.

All staff who interact with BES Cyber Systems require both security awareness training and cybersecurity training appropriate to their roles. Staff directly involved in your NERC CIP compliance program may also benefit from the SANS live-course offering.

Each minutes-long NERC CIP training module reflects real-world working scenarios and links directly to relevant company policies, reducing learner fatigue and making compliance convenient.


What is NERC CIP?

The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards are a set of regulatory standards that address the security and safety of the cyber systems critical to the operation of the North American Bulk Electric System. These standards include requirements outlining the minimum controls and policies that must be implemented by asset owners and operators to address cyber asset identification, access control and monitoring, system management, information protection, incident identification and incident response. The overarching goal of the standards is the assurance of safe and reliable electric system operations.


End-to-End NERC CIP Training

From system operators to IT departments to maintenance staff, literally anyone who interacts with a critical system is required to take NERC CIP training. Through our short, engaging and easy-to-understand computer-based learning modules, all personnel that interact with critical systems can complete and record all required CIP training while learning how to apply concepts in real-world scenarios. Plus, we know when industry standards change, and we automatically update our training before new versions become enforceable, so businesses can rest assured CIP compliance is met.

SANS Training

Beyond Security Awareness Training

If you are involved in supporting a NERC CIP program but don't know best practices in NERC CIP protection standards, we've got you covered. Our live, 5-day training course ICS456: The Essentials for NERC Critical Infrastructure Protection teaches the "what" and the "how" of CIPv5 and CIPv6 standards, empowering students with the information they need to identify and categorize BES Cyber Systems and help determine practical approaches to meeting NERC CIP compliance and its cybersecurity objectives. Students love it!

Western Area Power Administration

This is best-in-class NERC CIP training. The courseware provides valuable compliance approaches and software tools for peer collaboration to build consent on implementation." - Jeff Mantong, Western Area Power Administration (WAPA) , Student at: ICS 456: Essentials for NERC Critical Infrastructure Protection

NERC CIP Training Modules

  • Terms and Definitions
  • Operating Interconnected and Interdependent BES Cyber Systems
  • Asset Identification and Requirement Applicability
  • NERC CIP Policy Requirements
  • CIP-014 Overview
  • Electronic Access Controls
  • Physical Access Controls
  • Protecting BES Cyber System Information
  • Incident Response
  • BES Cyber System Recovery
  • CIP-014 Overview