Overview

This course provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.
The course will provide you with:
  • An understanding of industrial control system components, purposes, deployments, significant drivers, and constraints
  • Hands-on lab learning experiences to control system attack surfaces, methods, and tools
  • Control system approaches to system and network defense architectures and techniques
  • Incident-response skills in a control system environment
  • Governance models and resources for industrial cybersecurity professionals

Learning Outcome

After the training, the student will be able to:
  • Better understand various industrial control systems and their purpose, application, function, and dependencies on network IP and industrial communications
  • Work with control network infrastructure design (network architecture concepts, including topology, protocols, and components) and their relation to IEC 62443 and the Purdue Model
  • Run Windows command line tools to analyze the system looking for high-risk items
  • Run Linux command line tools (ps, ls, netstat, ect) and basic scripting to automate the running of programs to perform continuous monitoring of various tools
  • Work with operating systems (system administration concepts for Unix/Linux and/or Windows operating systems)
  • Better understand the systems' security lifecycle
  • Better understand information assurance principles and tenets (confidentiality, integrity, availability, authentication, non-repudiation)
  • Use your skills in computer network defense (detecting host and network-based intrusions via intrusion detection technologies)
  • Implement incident response and handling methodologies
  • Map different ICS technologies, attacks, and defenses to various cybersecurity standards including NIST Cyber Security Framework, ISA/IEC 62443, ISO/IEC 27001, NIST SP 800-53, Center for Internet Security Critical Security Controls, and COBIT 5

Who should Attend?

  • IT (includes operational technology support)
  • IT security (includes operational technology security)
  • Engineering
  • Corporate, industry, and professional standards

Eligibility Criteria

  • Course participants need to have a basic understanding of networking and system administration, TCP/IP, networking design/architecture, vulnerability assessment, and risk methodologies.
This course is endorsed under Critical Infocomm Technology Resource Programme Plus (CITREP+) Programme.
To find out more about CITREP+ Funding, please refer to Programme Support under CITREP+ page


Information as accurate as of 24 December 2019