Cybersecurity for Energy Micro-credential Program
Overview
Cybersecurity for Energy is an industry-informed upskilling program designed to build practical cybersecurity capability for Canada's energy sector. Developed in collaboration with senior cybersecurity leaders from major energy organizations, the program focuses on real-world information technology (IT) and operational technology (OT) environments across the energy supply chain.
The program is designed for experienced IT professionals looking to transition into or strengthen cybersecurity roles in energy and critical infrastructure settings. Learners develop applied skills in vulnerability assessment, incident response, and security gap analysis, aligned with recognized frameworks and industry practices, with an emphasis on practical assessment and standardized reporting.
Courses may be taken individually or completed as a program, allowing learners to tailor their learning to their professional goals and experience.
Who should attend?
Recommended for mid-career professionals with at least three years of work experience, ideally within the IT sector or a related field, who are seeking new career opportunities in cybersecurity.What you'll learn
Learners will demonstrate competency in key concepts related to vulnerability analysis, contextual risk evaluation, and cybersecurity practices within energy-sector information technology (IT) and operational technology (OT) environments. They will learn to prioritize vulnerabilities and incidents using exploitability and severity insights, apply industry frameworks to guide response planning, and assess risk within real-world operational contexts. Participants will also learn how to communicate cybersecurity findings through clear, professional reporting to support informed decision-making.
Micro-credentials
-
Vulnerability Assessment in Energy
In this micro-credential, learners develop the skills to conduct vulnerability assessments within the energy sector’s Information Technology and Operational Technology environments. Learners will identify, analyze, and prioritize system and equipment vulnerabilities using industry-standard databases, such as the Common Vulnerability Scoring System (CVSS) and information from the National Vulnerability Database (NVD). They will evaluate risk in context, recommend mitigation strategies, and communicate findings in a professional report that supports organizational cybersecurity and continuity. This course emphasizes prioritization and decision-making, enabling learners to produce a defensible vulnerability assessment report that reflects real-world operational, safety, and regulatory considerations.
This micro-credential requires a time commitment of approximately 9 to 12 hours.
-
Incident Reporting and Response in Energy
In this micro-credential, learners develop the skills to respond to cybersecurity incidents in the energy sector by applying the National Institute of Standards and Technology (NIST) Incident Response Life Cycle. Learners examine the stages of incident preparedness, response, and recovery, conduct a root cause analysis using frameworks such as the Fishbone Diagram and the 5 Why’s method, and document their findings in a formal incident report. The course emphasizes the use of the NIST Cybersecurity Framework to identify and prioritize control gaps and supports practical readiness in mitigating cyber threats.
This micro-credential requires a time commitment of approximately 9 to 12 hours.
-
Security Gap Assessment in Energy
In this micro-credential, learners acquire the skills to identify and assess security gaps within an energy organization’s Information Technology and Operational Technology infrastructure. They learn to map current security controls against established frameworks such as the Purdue model and North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards. Learners develop the ability to evaluate risks using a risk rating matrix and formulate prioritized recommendations to address vulnerabilities. The course culminates in creating an implementation roadmap and standardized report to support informed decision-making and enhance organizational cybersecurity.
This micro-credential requires a time commitment of approximately 9 to 12 hours.
Program information
- Schedule
- Program structure
- Fees, discounts and registration
- Online delivery
- Policies
- Continuing Educations Units
Spring 2026
| Vulnerability Assessment in Energy | Monday, April 20 to Friday, July 3, 2026 | midnight to 11:59 p.m. |
|---|---|---|
| Incident Reporting and Response in Energy | Monday, April 20 to Friday, July 3, 2026 | midnight to 11:59 p.m. |
| Security Gap Assessment in Energy | Monday, April 20 to Friday, July 3, 2026 | midnight to 11:59 p.m. |
Self-directed and self-paced
This program/course is self-directed and self-paced.
Micro-credential courses will be delivered fully online with no scheduled lectures. Learners must complete the program/courses independently and at their own pace, within the given timeframe.
Sequential completion of each micro-credential course is recommended:- Vulnerability Assessment in Energy
- Incident Reporting and Response in Energy
- Security Gap Assessment in Energy
The Cybersecurity for Energy program is an 11-week program comprised of three (3) micro-credentials. Estimated completion time per micro-credential is approximately 9 to 12 hours.
Facilitator support
This offering is supported by a facilitator who is available to answer learner inquiries and provide feedback on assessments. Learners will have two chances to successfully complete each assessment by the specified deadline(s), after receiving feedback from the facilitator.
Spring 2026
| Registration fee | Registration status |
|---|---|
| $599 CAD + HST (regular) |
|
| NOTE: Individual course fees and registration dates vary. View the relevant course page for more information. | |
Discounts
The Alumni/Staff Discount applies to registration in this program/course.
If you are alumni or staff, contact continuouslearning@ontariotechu.ca with your Student/Banner ID before registering for details about how to apply this discount.
Registration
You can register for this course through the secure online registration form. All course fees must be paid at the time of registration.
Online delivery
This offering may include, but is not limited to:
- Content presentations and/or videos;
- Hands-on exercises;
- Case discussions and simulations;
- Group and individual work (assignments/quizzes);
- Concept and topic discussions; and
- Topic reflections.
This is an open enrolment offering.
Those completing Ontario Tech University Continuous Learning open enrolment offerings (e.g. certificate programs, courses, workshops, microcertifications, etc.) are subject to the policies of Ontario Tech University and Continuous Learning. Ontario Tech policies can be found in the Policy library. Continuous Learning policies can be found in the Regulations section of the Continuous Learning website. Specifically, those completing open enrolment offerings are expected to adhere to the General and Open enrolment regulations.
Ontario Tech University – Continuous Learning assigns Continuing Education Units (CEUs) to eligible offerings. CEUs are awarded under the Ontario Tech University – Continuous Learning (CL) Framework for Awarding Continuing Education Units (CEUs) and Professional Development Hours Reference Standards.
CEUs are provided to support professional development reporting. They do not constitute accreditation or certification by an external licensing or regulatory body. Recognition and acceptance of CEUs are determined solely by the policies of individual employers, professional associations, or professional regulatory organizations.
Requirements
- Admissions
- Successful completion
- Technology requirements
- Micro-credentials and digital badges
- OSAP for micro-credentials
To successfully complete the program, you must:
- Register and make full payment for the program/course; and
- Successfully complete all components of the program/course by the specified due date(s).
Participants will receive a Level 1 micro-credential badge upon successful completion of each individual micro-credential. Upon successful completion of all 3 micro-credentials (the full program) participants will receive a Level 2 micro-credential badge.
Note: The program runs from April 20, 2026 to July 3, 2026; with registration remaining open until April 24, 2026. While late registration is available, learners must complete the program by the listed program end date, regardless of the date they registered.
Technology requirements
Online learning requirements:
- Computer or device with internet access
- Stable internet or data connection
- Microphone*
- Webcam*
- Audio device (examples: speakers, headphones/earbuds, headset)
*Optional
Material requirements
There are no additional materials required.
A micro-credential is a digitally-recorded recognition of a specific skill. It is a portable communication tool that represents evidence of your skills for employers, educators, and peers. Micro-credentials are created with industry, so you can be assured that the skills you are learning are in demand and current.
Learn more about micro-credentials and digital badges on the Learning Innovation website.
OSAP for Micro-credentials is available for eligible students taking a ministry-approved micro-credential that is less than 12 weeks. To be eligible for OSAP for Micro-credentials, a student must be a Canadian citizen, a permanent resident, or a protected person; and, be a resident of Ontario. A step-by-step guide on how to apply for OSAP for Micro-credentials is available here.
For more information please visit the OSAP website at www.ontario.ca/OSAP.
