
COURSE 2-2: OT CYBER SECURITY DESIGN AND ARCHITECTURE COURSE

COURSE DESCRIPTION:

The ICS CYBERSECURITY PRACTITIONER TRAINING COURSE is specifically tailored for cybersecurity professionals who play a critical role in safeguarding and maintaining security in an OT plant. These professionals may include CISOs, security operations personnel, threat hunters, or incident responders who are directly tasked with detecting and thwarting cyber-attacks. Additionally, in the event of a cyber-attack, they are responsible for initiating recovery measures and responding effectively to the incident.


The OT CYBER SECURITY DESIGN AND ARCHITECTURE COURSE will delve into the intricacies of ICS systems, providing trainees with an understanding of their topology. While some fundamental principles apply across different systems, the specific ICS equipment, measurements, and operations can vary significantly, and operators must monitor and assess different aspects of each environment. To achieve their disruptive objectives, hackers must grasp the processes and procedures governing the operation of the ICS plant.


COURSE DURATION:

  • 3 days of Instructor-led training


WHAT WILL BE COVERED IN THE COURSE:

In this course, we will explore IEC 62443-1-3 - Security System conformance metrics. These metrics are established to:

  • assess compliance with IACS requisites specified in other sections of the IEC 62443 series,

  • oversee the development of secure IACS products and services,

  • supervise and maintain the user-defined quality of service throughout the operational lifespan of the system,

  • validate the secure disposal of systems, subsystems, and components upon their retirement, and

  • provide system measurements for use by regulatory bodies to ensure adherence.


Additionally, we will delve deeply into IEC 62443-2-2 IACS Security Protection Ratings, which presents a method for evaluating the degree of protection an operational IACS offers against cybersecurity threats, and into how to implement the requirements outlined in 62443-2-1.


Furthermore, the course will provide an extensive exploration of IEC 62443-4-2 - Technical security requirements for IACS components. This standard defines the prerequisites for security levels of control system capabilities and their corresponding components. It also outlines the technical requirements (CRs) for control system components, which are linked with the seven foundational requirements (FRs). These seven FRs include:

  1. Identification and authentication control (IAC),

  2. Use control (UC),

  3. System integrity (SI),

  4. Data confidentiality (DC),

  5. Restricted data flow (RDF),

  6. Timely response to events (TRE), and

  7. Resource availability (RA).


These foundational requirements serve as the basis for establishing control system security capability levels.

The topics covered include:

  1. Fundamental Terminology

  2. Key Concepts and Models

  3. Security Program Ratings

  4. Practical Use Cases


We will also explore another standard with an equivalent strategic structure, namely the "Operational Technology (OT) Cybersecurity Competency Framework - October 2021." This framework encompasses:

  • Governance, Risk, and Compliance

  • Security Design and Engineering

  • Introduction to Threat Intelligence


Additionally, we will delve into the "Cyber Security Code of Practice (CCOP)," which encompasses:

  • Governance Requirements

  • Leadership and Oversight

  • Risk Management

  • Policies, Standards, Guidelines, and Procedures

  • Security-by-Design

  • Cybersecurity Design Principles

  • Change Management

  • Use of Cloud Computing Systems and Services

  • Outsourcing and Vendor Management


The training will also cover the technical facets of Operational Technology (OT), encompassing:

  • An overview of Industrial Control System (ICS) architecture

  • A comparison of IT and OT security considerations

  • Identification of components within the ICS environment

  • Familiarity with various components like HMIs, Historians, and SCADA systems


We will navigate through a practical scenario involving an actual OT system, such as the staged establishment of an architectural framework for a Water Plant. During this exploration, we will assess vulnerabilities at different stages of the setup.


Furthermore, the course will address additional technical aspects of cybersecurity, including:

  • Examination of Network Models like OSI and TCP/IP

  • Study of ICS protocols operating over TCP/IP

  • Utilization of tools like Wireshark to analyze ICS protocols

ICS CYBERSECURITY PRACTITIONER TRAINING COURSE:
WHO SHOULD ATTEND:

The course is specifically tailored for various roles within the ICS environment, including:

  • Cyber Security Compliance Officer

  • CISO managing OT Cyber Security

  • Service providers for OT cyber security services, such as IR (Incident Response), SOC (Security Operations), security auditing, or the implementation of security solutions or practices
