Introduction to Industrial Cyber Security

Objectives: This training course provides an introduction to the topic of cyber security in an industrial network environment. It is classroom-based using a mixture of lecture, short videos and facilitated discussions.

• Organisation and regulatory security compliance objectives• ICS security incident trends• Mitigation measures within an ICS / OT environment• Governance / policy & procedures – differences between IT security and OT security• Industrial Cyber Security best practice; an overview of the ISA 99 / IEC 62443 set of standards

Who should attend?: The course is particularly suited to anybody from a technical background that requires a grounding in the concepts of industrial cyber security good practice, including Technical Management, Operations Management, Technicians, Engineers, Maintenance Personnel and IT Security Personnel.

ProgrammeThe Current Threat State:

• Historical context• Overview of notable incidents, including Slammer, Shamoon, Stuxnet and BlackEnergy

The Hacking Cycle:

• Reconnaissance• Scanning and enumeration• Gaining access• Maintaining access• Clearing tracks

Security Governance:

• Drivers for separate Operational Technology (OT) governance• Policies, standards, processes and procedures• Existing Frameworks for cyber security, including NERC-CIP and the NIST SP-800 series• Maturity modelling and reporting• The Barrier Model (‘Swiss Cheese’) view• Legislative requirements including sector competent authorities and national supporting organisations

Risk Mitigation:

• The Perdue Enterprise Reference Architecture model (PERA)• The ‘Kill Chain’• Network protection methods• Endpoint protection methods• Access control methods• Endpoint policies

Duration: 1 day