Lessons learned from GICSP certification

In this article, we will cover in more detail a specific certification that is highly regarded for professionals employed in cybersecurity, especially in OT: the Global Industrial Cyber Security Professional (GICSP) certification.


As the safety of OT assets has a critical impact on production, companies want to rely increasingly on trustworthy cybersecurity employees to protect their production environments from cybersecurity risks, threats, and vulnerabilities. Therefore, cyber certifications have become an enormous business. There is an ever-growing number of available certificates covering various aspects of cybersecurity and with various levels of complexity (for example, ISO 27001, CISA, CISSP, etc.). We have already covered cybersecurity certificates and the importance of balancing them with practice in the article The Certification Balance. In this article, we will cover in more detail a specific certification that is highly regarded for professionals employed in cybersecurity, especially in OT: the Global Industrial Cyber Security Professional (GICSP) certification.

The GICSP certification condensates quite a broad array of different cybersecurity topics:

  • Industrial control system components, purposes, deployments, significant drivers, and constraints
  • Control system attack surfaces, methods, and tools
  • Control system approaches to system and network defense architectures and techniques
  • Incident-response skills in a control system environment
  • Governance models and resources for industrial cybersecurity professionals

The syllabus makes the certificate particularly appealing to professionals who have limited knowledge of cybersecurity-related topics as well as professionals with existing experience in the field but who want to be up to date with the latest information available or to extend their knowledge to OT.


To prepare better for the GICSP exam, candidates can undergo training which are offered by many institutions, for example by the SANS Institute. While training is not obligatory for passing the exam and represents as well as no indifferent financial effort, they are highly recommended for various reasons:

  • Networking chances: participating in training makes it possible to create connections with experts from different industries, different nations, and diverse backgrounds and potentially even acquire new clients
  • Learn from industry experts: the trainers are cybersecurity experts who usually actively work in cybersecurity as their primary profession
  • Training provides tips on the examination: attending training makes it easier to focus on the most critical areas that are covered in the exams and provides insight on the examinations from the people that prepare it
  • In training is possible to participate in team activities: preparatory training for the GICSP allows participants to take part in interesting group activities, such as the simulation of a cyber security incident

In BxC team members’ experience, participating in preparatory training for GICSP allows as well to have the opportunity to interact with the main worlds where cybersecurity is concerned: IT and OT. Given the context of IT-OT convergence in the industry branch, this is particularly relevant for us to bridge the gap between cybersecurity and business.


Multiple members of the BxC team have participated in preparatory training for the GICSP certificate and consequently obtained the certificate. It also gave us a chance to observe noteworthy facts about the differences in educational background, motivations for sustaining the GICSP exam, roles, company, age), and nationality of the training candidates.

The most significant difference observed was the considerable diversity in the knowledge level of OT and IT systems among the candidates: people coming from the OT world struggled to understand what a VLAN is, while people coming from the IT world had no idea how a batch process works.

This uneven knowledge of various levels of IT and OT was also reflected in the diverse positions filled by the candidates: many were engineers with a long OT experience, working for critical infrastructure such as oil & gas, energy suppliers, and healthcare. Some were vendors of security solutions that wanted to get in touch with the cybersecurity market request. And finally, there were cyber security consultants as well, including BxC team members.

Finally, it is worth mentioning that the reasons for obtaining the certification were diverse as well:

  • Gather more information on OT cybersecurity: having a certificate can increase the knowledge of a specific topic, even if it should not be considered a replacement for continuous training and constant watch on the latest risks, solutions, and technologies of the cybersecurity world
  • Get a certificate as proof of expertise towards clients: having a certification can increase the trust that existing or potential clients have in consultants value of a consultant
  • Wanting to pursue a new career: cybersecurity is an attractive field, and the current demand for professionals is much higher than the offer
  • Changing role inside an organization: gathering knowledge on cybersecurity can empower professionals to cover new roles inside their organization. (As an example, a company can have an employee undergo the GICSP training to cover the BISO role for one of its departments in the future.)


BxC is invested in strengthening the cybersecurity knowledge of its team members with recurring training. Although we are convinced that it is necessary to maintain a certain balance between theoretical and practical expertise, certifications represent an assessable way to demonstrate the possession of know-how towards existing clients and potential new ones. Despite this, at BxC, we firmly believe cybersecurity professionals should focus more on training than obtaining certifications.

Additionally, at BxC, we want to stay at the top of the curve regarding market best practices and standards to ensure excellent quality for our clients.


Obtaining the Global Industrial Cyber Security Professional certification, or any similar cyber security certification, can generate benefits for professionals working in cybersecurity and their companies.

However, it is crucial to acknowledge that while GICSP certification, or any other cyber security certification, presents tangible advantages, it should not overshadow the significance of genuine, substantial knowledge. BxC advises everyone involved in cybersecurity to carefully balance the number of certifications acquired and focus on obtaining knowledge by actively caring for actual cybersecurity tools in the development or production environment.