ICS Cybersecurity Training


Introduction:

ICS Cybersecurity Training Course with Hands-On Labs (Online or Classroom Live)

This ICS Cybersecurity Training event will provide hands-on training in discovering who and what is on the network, identifying vulnerabilities, learning how those vulnerabilities may be exploited, and learning defensive and mitigation strategies for ICS. ICS Cybersecurity training is designed for security professionals and control system engineers, providing them with advanced cybersecurity skills and knowledge to protect the Industrial Control System (ICS) and keep their industrial operation environment secure against cyber threats.

ICS has recently been applied in many industries such as electric, water, wastewater, oil, natural gas, chemical, paper, food, and discrete manufacturing. The reason is the numerous recorded attacks on ICS, with varying levels of potential risk and impact. This ICS Cybersecurity Training course covers a variety of topics in the ICS cybersecurity area, such as ICS fundamentals, ICS security architecture, ICS vulnerabilities, ICS threat intelligence, NERC Critical Infrastructure Protection (CIP), ICS risk management and ICS risk assessment. Moreover, you will learn about ICS auditing and assessment, the IEC 62443 standard for system security, ICS implementation and development, ICS incident response, ICS network protection, ICS server protection, SCADA security policies and standards, SCADA cyber-attack detection, and many labs and hands-on examples.

By taking the ICS Cybersecurity training, you will learn about the life cycle of ICS implementation, ICS policies and procedures, ICS risk management framework steps, access control, contingency planning, and incident response. The ICS Cybersecurity course by ENO is an interactive course with many class discussions and exercises, aiming to provide you with a useful resource for ICS cybersecurity.

WHAT’S INCLUDED?
  • 4 days of ICS Cybersecurity Training with an expert instructor
  • ICS Cybersecurity Guide
  • Certificate of Completion
  • 100% Satisfaction Guarantee

ICS Cybersecurity Training – Customize It:

  • If you are familiar with some aspects of ICS Cybersecurity Training, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the ICS Cybersecurity Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the ICS Cybersecurity Training course in a manner understandable to lay audiences.

ICS Cybersecurity Training – Audience / Target Group:

The target audience for this ICS Cybersecurity Training course:

  • Control engineers, integrators and architects who will be designing a secure ICS
  • System administrators and engineers who secure ICS
  • Information Technology (IT) professionals who administer, patch or secure ICS
  • Security Consultants who perform security assessment and penetration testing of ICS
  • Managers who are responsible for ICS
  • Senior managers who want to understand or apply an ICS cybersecurity program to their control system
  • Researchers and analysts working on ICS security
  • Vendors who will develop products for ICS
  • Executives and managers in the ICS cybersecurity area
  • Information technology professionals, security engineers, security analysts, policy analysts
  • Investors and contractors who plan to make investments in the ICS industry
  • Technicians, operators, and maintenance personnel who are or will be working on ICS Cybersecurity projects

ICS Cybersecurity Training – Objectives:

After completing this ICS Cybersecurity Training course, attendees will be able to:

  • Understand fundamentals of Industrial Control Systems (ICS)
  • Recognize the security architecture for ICS
  • Identify different kinds of vulnerabilities in ICS network, remote devices, software, or control servers
  • Learn about active defense and incident response for ICS
  • Learn the essentials for NERC Critical Infrastructure Protection (CIP)
  • Understand policies and procedures for NERC critical infrastructure protection (CIP)
  • List strategies for NERC CIP version 5/6
  • Apply risk management techniques to ICS
  • Describe ICS Active Defense and Incident Response
  • Describe techniques for defending against the new ICS threat matrix
  • Assess and audit risks for ICS
  • Apply the IEC standard to network and system security of ICS
  • Implement the ICS security program step by step
  • Protect the ICS network from vulnerabilities
  • Understand different types of servers in ICS and protect them against attacks
  • Apply security standards to SCADA systems based on NIST SP 800-82
  • Detect different types of attacks on SCADA systems
  • Tackle all the security challenges related to ICS cybersecurity

ICS Cybersecurity Training – Course Syllabus:

Fundamentals of Industrial Control Systems (ICS)

  • Evolution of Industrial Control Systems (ICS)
  • Global Industrial Cybersecurity Professional (GICSP)
  • ICS Industrial Sectors
  • ICS Operation and Components
  • ICS Design Consideration
  • Real-Time Operating Systems
  • Programming Controllers
  • SCADA Systems
  • Distributed Control System
  • Programmable Logic Controller
  • ICS and IT Systems Security
  • Distributed Control System (DCS) versus Supervisory Control and Data Acquisition (SCADA)
  • Supervisory Components (Master Servers)
  • System Operation
  • Communication Protocols
  • ICS Network Architecture
  • ICS Lifecycle Challenges
  • Network Design

ICS Security Architecture

  • Network Segmentation and Segregation
  • Boundary Protection
  • Firewalls
  • Logically Separated Control Network
  • General Firewall Policies for ICS
  • Recommended Firewall Rules for Specific Services
  • Network Address Translation (NAT)
  • Specific ICS Firewall Issues
  • Unidirectional Gateways
  • Single Point of Failure
  • Authentication and Authorization
  • Monitoring, Logging and Auditing
  • Incident Detection, Response and System Recovery

Common ICS Vulnerabilities

  • Vulnerabilities Inherent in the ICS Product
  • Vulnerabilities Caused by Installation, Configuration and Management of ICS
  • Poor Network Design Issues
  • ICS Software Security Threats
  • Access Controls
  • ICS Attack Surface
  • Attacks on Human Machine Interface (HMI) and User Interface (UI)
  • Attacks on Network Communications
  • Attacks on Remote Devices
  • Authentication Issues
  • Attacks on Control Servers
  • Web Attacks
  • Data Authenticity
  • Cryptographic Issues
  • Credential Management Issues
  • Network Vulnerabilities

ICS Threat Intelligence

  • ICS Active Defense and Incident Response
  • Intelligence Life Cycle and Threat Intelligence
  • ICS Information Attack Surface
  • External ICS Threat Intelligence
  • Internal ICS Threat Intelligence

NERC Critical Infrastructure Protection (CIP)

  • Introduction to CIP
  • NERC Functional Model
  • NERC Reliability Standards
  • CIP History
  • CIP-002: Cyber System Categorization
  • CIP-003: Security Management Controls
  • CIP Processes
  • Audit Follow Up
  • CIP Industry Activities
  • Standards Process

Risk Management and Risk Assessment

  • Risk and Manufacturing Systems
  • Common ICS Vulnerabilities
  • Threat Identification
  • Vulnerability Management
  • Industrial Consequences
  • Risk Classification
  • Introduction to Risk Management Process
  • Special Consideration for ICS Risk Assessment
  • ICS Information Security Risk Assessment Safety
  • Physical Impacts of ICS Incidents
  • Physical Disruption of ICS Process
  • Non-Digital Aspect of ICS into Impact Evaluations
  • Propagation of Impact to Connected Systems

ICS Auditing and Assessment

  • Security Audits
  • Security Assessments
  • System Characterization
  • Asset Classification
  • Vulnerability Assessment
  • Configuration Assessment and Auditing

IEC 62443: Network and System Security for ICS

  • Security Feedback Loop
  • Security Assurance
  • Threat/Risk Assessment
  • Classes of Attackers
  • Management Challenges
  • Cybersecurity Assurance Standards
  • Assurance Matrix
  • Development Assurance
  • Integration Assurance
  • Operational Assurance

Implementation of ICS Security Program Development

  • Business Case for Security
  • Defining the Scope of Security Program
  • Defining ICS-Specific Security Policies and Procedures
  • Implementing ICS Security Risk Management Framework
  • Categorizing ICS Systems and Network Assets
  • Selecting ICS Security Controls
  • Performing Risk Assessment Techniques
  • Implementing Security Controls
  • Continuous Monitoring of Control Systems
  • Access Control
  • Security Assessment and Authorization
  • Contingency Planning
  • Identification and Authentication
  • Incident Response
  • Privacy Controls
  • Penetration Testing

ICS Incident Response

  • Incident Response and Digital Forensics
  • Incident Response ICS Team
  • Collecting Evidence
  • Source of Forensic Data in ICS Network
  • Time-Critical Analysis
  • Maintaining and Restoring Operations
  • Performing ICS Incident Response Procedures
  • Identifying the Threat in Distributed Control Systems (DCS)

Network Protection for ICS

  • Fundamentals of ICS Network
  • Ethernet
  • TCP/IP Protocol Suite
  • ICS Protocols Over TCP/IP
  • Firewalls
  • Unidirectional Gateways
  • Honeypots
  • Wireless in Control Systems
  • Satellite Protocols
  • Mesh Protocols
  • Bluetooth and WiFi
  • Field and Plant Floor Equipment

ICS Server Protection

  • ICS Windows Systems
  • ICS Linux/Unix Systems
  • Updates and Patching
  • Processes and Services
  • Configuration Hardening
  • Endpoint Protection
  • Automation and Auditing
  • Log Management
  • Database and Historians

SCADA Security Policies and Standards

  • SCADA Organization and Information Architecture
  • SCADA Data Categorization and Ownership
  • Data Security in SCADA
  • Platform Security
  • Communication/Personnel Security
  • Configuration Management
  • Audit
  • Applications
  • Physical Security
  • Manual Operation
  • SCADA Asset Protection
  • NIST SP 800-82 Standard
  • Steps to SCADA Cybersecurity Improvements

Detection of Cyber Attacks on SCADA Systems

  • Application Layer Attacks
  • Transport Layer Attacks
  • Network Layer Attacks
  • Modbus Protocol Attack
  • DNP3 Attacks
  • ICCP Server Attacks
  • OPC Servers Attack
  • TCP/IP Attack
  • SCADA Vulnerability Scanning

Hands On, Workshops and Group Activities

  • Labs
  • Workshops
  • Group Activities
ICS Cybersecurity Training – LABS
