ICS Cybersecurity Training

Learn the best practices for securing SCADA networks and systems. This ICS Cybersecurity Training course teaches you how to defend against both internal and external attackers to provide holistic security for critical industrial automation systems! SCADA controls our nation’s mission-critical infrastructure, everything from the power grid to water treatment facilities.

ENO Security has joined forces with industry leaders to equip security professionals and control system engineers with the cybersecurity skills they need to defend national critical infrastructure. This ICS Cybersecurity Training Workshop provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The ICS Security Training course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.

ICS Cybersecurity Training Duration: 4 days

  • We can adapt this ICS Cybersecurity Training course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this ICS Cybersecurity Training course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the ICS Cybersecurity Training Course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the ICS Cybersecurity Training course in a manner understandable to lay audiences.

The target audience for this ICS Cybersecurity Training course:

  • SCADA system operators
  • SCADA analysts
  • Control systems engineers
  • ICS and SCADA consultants
  • IT and security professionals with a desire to learn how to protect critical infrastructure
  • Control engineers, integrators and architects who will be designing a secure ICS
  • System administrators and engineers who secure ICS
  • Information Technology (IT) professionals who administer, patch or secure ICS
  • Security Consultants who perform security assessment and penetration testing of ICS
  • Managers who are responsible for ICS
  • Senior managers who want to understand or apply an ICS cybersecurity program to their control system
  • Researchers and analysts working on ICS security
  • Vendors who will develop products for ICS
  • Executives and managers of ICS Cybersecurity area
  • Information technology professionals, security engineers, security analysts, policy analysts
  • Investors and contractors who plan to make investments in the ICS industry
  • Technicians, operators, and maintenance personnel who are or will be working on ICS Cybersecurity projects

The knowledge and skills that a learner must have before attending this ICS Cybersecurity Training course are:

  • Understanding of computer hardware and operating systems
  • Basic knowledge of SCADA systems

ICS Cybersecurity Training - OBJECTIVES

This ICS Cybersecurity Training course prepares you to properly secure the SCADA systems used in a variety of industries, including power transmission, oil and gas and water treatment.

  • Understand fundamentals of Industrial Control Systems (ICS)
  • Recognize the security architecture for ICS
  • Identify different kinds of vulnerabilities in the ICS network, remote devices, software, or control servers
  • Learn about active defense and incident response for ICS
  • Learn the essentials for NERC Critical Infrastructure Protection (CIP)
  • Understand policies and procedures for NERC critical infrastructure protection (CIP)
  • List strategies for NERC CIP version 5/6
  • Apply risk management techniques to ICS
  • Describe ICS Active Defense and Incident Response
  • Describe techniques for defending against the new ICS threat matrix
  • Assess and audit risks for ICS
  • Apply IEC standard to network and system security of ICS
  • Implement the ICS security program step by step
  • Protect the ICS network from vulnerabilities
  • Understand different types of servers in ICS and protect them against attacks
  • Apply security standards to SCADA systems based on NIST SP 800-82
  • Detect different types of attacks to SCADA systems
  • Tackle all the security challenges related to ICS cybersecurity

ICS Cybersecurity Training - COURSE SYLLABUS

Fundamentals of Industrial Control Systems (ICS)

  • Evolution of Industrial Control Systems (ICS)
  • Global Industrial Cybersecurity Professional (GICSP)
  • ICS Industrial Sectors
  • ICS Operation and Components
  • ICS Design Consideration
  • Real-Time Operating Systems
  • Programming Controllers
  • SCADA Systems
  • Distributed Control System
  • Programmable Logic Controller
  • ICS and IT Systems Security
  • Distributed Control System (DCS) versus Supervisory Control and Data Acquisition (SCADA)
  • Supervisory Components (Master Servers)
  • System Operation
  • Communication Protocols
  • ICS Network Architecture
  • ICS Lifecycle Challenges
  • Network Design

ICS Security Architecture

  • Network Segmentation and Segregation
  • Boundary Protection
  • Firewalls
  • Logically Separated Control Network
  • General Firewall Policies for ICS
  • Recommended Firewall Rules for Specific Services
  • Network Address Translation (NAT)
  • Specific ICS Firewall Issues
  • Unidirectional Gateways
  • Single Point of Failure
  • Authentication and Authorization
  • Monitoring, Logging and Auditing
  • Incident Detection, Response and System Recovery

Common ICS Vulnerabilities

  • Vulnerabilities Caused by Installation, Configuration and Management of ICS
  • Poor Network Design Issues
  • ICS Software Security Threats
  • Access Controls
  • ICS Attack Surface
  • Attacks on Human Machine Interface (HMI) and User Interface (UI)
  • Attacks on Network Communications
  • Attacks on Remote Devices
  • Authentication Issues
  • Attacks on Control Servers
  • Web Attacks
  • Data Authenticity
  • Cryptographic Issues
  • Credential Management Issues
  • Network Vulnerabilities

ICS Threat Intelligence

  • ICS Active Defense and Incident Response
  • Intelligence Life Cycle and Threat Intelligence
  • ICS Information Attack Surface
  • External ICS Threat Intelligence
  • Internal ICS Threat Intelligence

NERC Critical Infrastructure Protection (CIP)

  • Introduction to CIP
  • NERC Functional Model
  • NERC Reliability Standards
  • CIP History
  • CIP-002: Cyber System Categorization
  • CIP-003: Security Management Controls
  • CIP Processes
  • Audit Follow Up
  • CIP Industry Activities
  • Standards Process

Risk Management and Risk Assessment

  • Risk and Manufacturing Systems
  • Common ICS Vulnerabilities
  • Threat Identification
  • Vulnerability Management
  • Industrial Consequences
  • Risk Classification
  • Introduction to Risk Management Process
  • Special Consideration for ICS Risk Assessment
  • ICS Information Security Risk Assessment Safety
  • Physical Impacts of ICS Incidents
  • Physical Disruption of ICS Process
  • Non-Digital Aspect of ICS into Impact Evaluations
  • Propagation of Impact to Connected Systems

ICS Auditing and Assessment

  • Security Audits
  • Security Assessments
  • System Characterization
  • Asset Classification
  • Vulnerability Assessment
  • Configuration Assessment and Auditing

Network and System Security for ICS

  • Security Feedback Loop
  • Security Assurance
  • Threat/Risk Assessment
  • Classes of Attackers
  • Management Challenges
  • Cybersecurity Assurance Standards
  • Assurance Matrix
  • Development Assurance
  • Integration Assurance
  • Operational Assurance

Implementation of ICS Security Program Development

  • Business Case for Security
  • Defining the Scope of Security Program
  • Defining ICS-Specific Security Policies and Procedures
  • Implementing ICS Security Risk Management Framework
  • Categorizing ICS Systems and Network Assets
  • Selecting ICS Security Controls
  • Performing Risk Assessment Techniques
  • Implementing Security Controls
  • Continuous Monitoring of Control Systems
  • Access Control
  • Security Assessment and Authorization
  • Contingency Planning
  • Identification and Authentication
  • Incident Response
  • Privacy Controls
  • Penetration Testing

ICS Incident Response

  • Incident Response and Digital Forensics
  • Incident Response ICS Team
  • Collecting Evidence
  • Source of Forensic Data in ICS Network
  • Time-Critical Analysis
  • Maintaining and Restoring Operations
  • Performing ICS Incident Response Procedures
  • Identifying the Threat in Distributed Control Systems (DCS)

Network Protection for ICS

  • Fundamentals of ICS Network
  • Ethernet
  • TCP/IP Protocol Suite
  • ICS Protocols Over TCP/IP
  • Firewalls
  • Unidirectional Gateways
  • Honeypots
  • Wireless in Control Systems
  • Satellite Protocols
  • Mesh Protocols
  • Bluetooth and WiFi
  • Field and Plant Floor Equipment

ICS Server Protection

  • ICS Windows Systems
  • ICS Linux/Unix Systems
  • Updates and Patching
  • Processes and Services
  • Configuration Hardening
  • Endpoint Protection
  • Automation and Auditing
  • Log Management
  • Database and Historians

SCADA Security Policies and Standards

  • SCADA Organization and Information Architecture
  • SCADA Data Categorization and Ownership
  • Data Security in SCADA
  • Platform Security
  • Communication/Personnel Security
  • Configuration Management
  • Audit
  • Applications
  • Physical Security
  • Manual Operation
  • SCADA Asset Protection
  • NIST SP 800-82 Standard
  • Steps to SCADA Cybersecurity Improvements

Detection of Cyber-Attacks on SCADA Systems

  • Application Layers Attacks
  • Transport Layer Attacks
  • Network Layer Attacks
  • Modbus Protocol Attack
  • DNP3 Attacks
  • ICCP Server Attacks
  • OPC Servers Attack
  • TCP/IP Attack
  • SCADA Vulnerability Scanning

Workshops for ICS Cybersecurity Training

  • Preliminary ICS Risk Assessment Exercise
  • ICS System Identification and Classification Hands On
  • ICS Vulnerability Assessment Case Study
  • ICS Compliance Audit Case Study
  • Detailed ICS Risk Assessment Experience
  • Selecting ICS Security Controls Experiment
  • Summary of Aurora Hardware Mitigation Projects Workshop
  • Incident Response Workshop
  • Live Attack Demonstration: Hacker’s Perspective
  • Hacking the Power Grid
  • Designing a SCADA Security Policy

ICS Cybersecurity Training Course Wrap-Up
