Generic filters

COURSES

Home   /   Courses   /   SCADA & ICS Cyber Security Course

SCADA & ICS Cyber Security Course

Target Audience

The purpose of the workshop is to educate engineers on cyber risks and defense and educate them on challenges and solutions which are needed for protecting ICS and SCADA systems. Upon completion of this 16 hours workshop the participants will acquire knowledge in the field of industrial systems’ cyber defense measures, understand attack vectors and defense processes and will be better prepared the future challenges.

ICS Cyber Security Overview

Reliable and safe operation of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems are considered critical for a broad range of industries supporting the wellbeing on a national level.

The growing convergence of IT and ICS, long-time separated domains, calls for a special attention and adoption of ICS-oriented best practices.

That being said, these functionalities can be jeopardised internally by an incentivised individual, or through remote access by a hostile organisation; Hence appropriate preventive measures should be taken to mitigate these breaches and minimize possible damages.

Training structure

The actual training will be via the Internet and divided to 8 sessions of 2 hours, including time for Q&A. The training will be structured taking into consideration their basic knowledge and background of participants in the field of IT and ICS. Each session will include ~ 40 slides, total of ~300+ slides will be presented.

Complete Workshop Itinerary

The workshop is designed for 8 Sessions – 16 Academic hours

Session 1

  • Introduction ICS (SCADA, OT) architecture
  • Typical ICS applications and
    Benefits
  • Control units PLC, RTU, IED, SIS and IIoT
  • Principles to ICS design and programming

Session 3

  • Industrial Cyber Kill Chain attack process
  • Introduction to the MITTRE ATT&CK process
  • Step by step attack process
    on ICS
  • Safety and Cyber Security considerations

Session 5

  • Explaining the Triangle and Purdue Model
  • Introduction to ISA 62443 standard
  • Introduction on Shodan.io ICS tracker

Session 7

  • Introduction to Cyber security assessment
  • Protecting buildings, data centers, etc.
  • Conduction Secure Maintenance for ICS

Session 2

  • ICS vs. IT systems cyber risks differences
  • Introduction to ICS Security Vulnerabilities
  • Introduction to BMS Cyber security risks
  • Typical cyber-attacks: MitM, DOS, DDoS, GPS

Session 4

  • Principles of Encryption and Authentication
  • Defense in Depth and packet’s inspection for ICS
  • Firewalls, IDS, DMZ, UGW, Sensor inspection
  • Coordinated operation with SIEM, SOAR, SOC

Session 6

  • Famous attacks on ICS worldwide
  • Introduction to BCP, DRP and IR
  • Introduction to ICS Forensic processes

Session 8

  • Best Practices for protecting ICS
  • Principles of Secure development
  • Summary and Q&A

About the Lecturer

Daniel Ehrenreich, B.Sc. Engineering, MBA, CISSP, ISO27001 Lead Auditor, SCCE-Secure Communications and Control Experts. Daniel brings over 29 years of experience with SCADA & ICS, deployed for electric power, water, sewage, oil and gas. Since 2010 he has combined his engineering activity with cybersecurity and has consulted and delivered training sessions in Israel and across the world. Previously he held senior positions in with leading firms in Israel such as Waterfall Security, Siemens and Motorola Solutions dealing with cyber defense for industrial operations. Reselected as the Chairman for the 5th ICS Cybersec 2021-What Next? conference (Virtual and International) taking place in Israel on 11-2-2021.

Powered By

SHARE:
Share on linkedin
Share on facebook
Share on twitter
Share on email
Register Now for Earlybird Pricing

About the Provider

MySecurity Marketplace
MySecurity Marketplace, powered by MySecurity Media, is a dedicated marketplace connecting industry and enterprise professionals to the latest events, education, technology and media platforms across a global security domain.

TOPICS

Cyber Security, Industrial Control Systems, Supervisory Control and Data Acquisition
Scroll to Top