
Image by Shamin Haky

COURSE 1-2 : DEFENDER FOR OT CYBERSECURITY

COURSE DESCRIPTION:

COURSE SYNOPSIS:


In today’s interconnected world, Operational Technology (OT) systems are critical to industries like manufacturing, energy, utilities, and transportation. However, the growing threat landscape demands that OT professionals understand not only how their systems function but also how to safeguard them from ever-evolving cyber threats. The ICS CYBERSECURITY FOUNDATION TRAINING COURSE has been specifically developed to empower industrial personnel with the most essential IT and OT security principles. Completing this series makes trainees cyber-aware in their daily work and conscious of the risks they face on the job. This DEFENDER FOR OT CYBERSECURITY course is designed for technical professionals who need to deepen their expertise in securing OT systems. With a focus on attack methodologies, risk analysis, and security protocols, this course provides the tools and knowledge to stay ahead of the increasingly complex threats targeting OT environments.


Using the MITRE ATT&CK Framework, participants will explore cutting-edge attack techniques and methodologies specifically for ICS, equipping them to identify vulnerabilities and respond proactively. The course also dives into risk analysis, security architecture, and lifecycle management, providing a holistic approach to OT cybersecurity.

Through in-depth technical training and real-world applications, you will master the core concepts and advanced strategies required to protect OT systems against evolving threats.


WHY CHOOSE THIS COURSE?

  • Technical Focus: This course offers a technical and practical approach to OT cybersecurity, perfect for professionals already familiar with OT systems.

  • Designed for the Security Practitioner: Comprehensive understanding of attack methodologies, risk management techniques, and security protocols essential for defending OT environments.

  • Expert-Led Training: Learn from instructors with deep experience in securing critical OT systems and mitigating sophisticated threats.


Elevate your cybersecurity expertise and develop the technical skills necessary to safeguard OT infrastructure from modern threats. Enroll today to be part of a group of leading cybersecurity practitioners in securing the future of critical OT systems.


COURSE DURATION:

  • 3 days of Instructor-led training


EXPECTATION AFTER THE TRAINING:

  • Participants will gain a foundational understanding of networking structures, including OSI and TCP/IP models, through a live analysis of TCP communication, examining each layer in detail.

  • Participants will explore the cyber kill chain from a MITRE perspective, gaining insights into adversarial tactics and strategies, enabling them to effectively defend against threats posed by nation-state actors and malicious hackers.

  • Participants will develop a comprehensive understanding of fundamental OT protocols, including an in-depth review of protocols such as Modbus.

  • Participants will analyze the mechanics of cyberattacks within an OT environment, assessing their potential impact on industrial plant operations.


WHAT WILL BE COVERED IN THE COURSE:


The ISA and the International Electrotechnical Commission (IEC) have collaborated to establish a set of standards known as the ISA/IEC 62443 series. This comprehensive course delves into the fundamental principles of these standards. These standards play a crucial role in the automation of industrial production processes, widely utilized in sectors such as power, water, oil, and natural gas. The ISA/IEC 62443 standards offer guidelines for optimal practices in industrial network security, with new technical specifications being evaluated every three years for potential adoption as new standards. This course takes a highly technical approach, immersing participants in hands-on exercises designed to simulate real-world cybersecurity scenarios within an OT environment. Attendees will engage in practical activities such as conducting basic reconnaissance attacks to identify vulnerabilities and mapping OT components within a network. These exercises are structured to provide participants with a deeper understanding of an attacker's mindset, enabling them to analyze potential threats and reinforce their defensive strategies effectively.


These hands-on technical exercises include:


  • In-Depth Analysis of Endpoint Communication: Participants will conduct a detailed examination of network communication between two endpoints, breaking down packet-level interactions to understand how data is transmitted, received, and interpreted within an OT environment. This exercise will enhance their ability to detect anomalies and identify potential security threats within network traffic.

  • Comprehensive Breakdown of OT Protocols: Participants will analyze and dissect key OT protocols, such as Modbus, DNP3, and OPC UA, to gain a deeper understanding of their structure, functionality, and security implications. This knowledge will enable participants to assess vulnerabilities within these protocols and implement effective safeguards.

  • Live Attack Traffic Analysis Simulation: Through hands-on exercises, participants will simulate and analyze real-world attack traffic within a controlled environment. They will learn to identify malicious patterns, interpret logs, and apply cybersecurity tools to detect and mitigate threats effectively.

  • Simulation of a Cyberattack on an OT Environment: Participants will engage in a simulated cyberattack scenario within an OT setting, observing the attack lifecycle from initial infiltration to exploitation. This exercise will provide practical insights into adversarial tactics and techniques while reinforcing incident response strategies and defense mechanisms.

  • Understanding and Defending Against Passive vs. Active Threats: Participants will explore the distinctions between passive and active threats, analyzing their impact on OT systems. They will learn proactive defense strategies to mitigate passive threats, such as reconnaissance and eavesdropping, as well as countermeasures to defend against active threats, including system intrusions and sabotage. This segment will focus on implementing robust security controls to fortify OT environments against evolving cyber threats.


To maximize the learning experience, participants are required to bring their own laptops, which will be used to interact with live attack simulations and defense technologies. Through guided practice, attendees will develop practical skills in both offensive and defensive cybersecurity methodologies, enhancing their ability to secure OT environments.


Additionally, the course will provide an in-depth exploration of MITRE ATT&CK for Industrial Control Systems (ICS), a comprehensive knowledge base that documents adversary tactics, techniques, and procedures (TTPs) specific to industrial environments. Participants will examine the various phases of an attack lifecycle, gaining insight into how cyber adversaries target critical assets and systems. Originating from MITRE's extensive research, this framework applies the ATT&CK methodology to ICS environments, offering a structured approach to understanding and mitigating threats in operational technology settings.

ICS CYBERSECURITY FOUNDATION TRAINING COURSE:


  • 1-1 ESSENTIALS FOR OT CYBERSECURITY

  • 1-2 DEFENDER FOR OT CYBERSECURITY

WHO SHOULD ATTEND:

The course is specifically tailored for various roles within the ICS environment, including:

  • Operations personnel

  • Project and production managers

  • Product development personnel

  • Technical specialists

  • Cybersecurity specialists working in plants

  • Plant personnel who need to maintain the plant and understand basic cybersecurity
