TGICS 101: Introduction to Industrial Cybersecurity

 

Industrial security should be ingrained in your company's culture, equivalent to safety. Cyber incident preparedness begins with people. ICS 301 begins from a strategic perspective, helping students “get their head around” the big picture. It introduces intermediate topics such as “hacker” methodologies and security controls at a comfortable and easy-to-follow pace. This course will help students gain an understanding of the overall cyber risk management program and strategy, as well as basic adversary methods, strategies, and the security controls to defend against them.

What you will get out of this class:

  • Gain a comprehensive, “big picture” understanding of how all the cybersecurity pieces work together
  • Learn and apply practical industrial cybersecurity and risk management concepts
  • An introductory overview of the concepts, function, and components of industrial control systems, equipment, and technology
  • Learn vulnerabilities and attack vectors specific to ICS
  • Learn about the methods and strategies hackers use to attack industrial control systems as well as traditional IT systems (Introductory level. This is not a technical hands-on, “hacking” course)
  • Learn how to deploy efficient and cost-effective mitigation strategies and security controls
  • Learn how to build a complete ICS cybersecurity program
  • Apply what you’ve learned against a live adversary using the cutting-edge, turn-based computer training simulation/game, ThreatGEN™ Red vs. Blue
  • Learn how to respond to, adapt, and defend against active attacks (Introductory level, this is not an incident response or threat hunting class)
  • Participate as the blue team and the red team, regardless of experience or technical skill level
  • Taught by industry-leading, world-class ICS cybersecurity experts with years of real-world experience

Intended Audience:

  • Anyone interested in gaining beginner to intermediate knowledge of ICS/OT cybersecurity
  • Anyone interested in or tasked with ICS/OT risk assessment and management
  • Anyone interested in gaining a better understanding of the overall cybersecurity “big picture”
  • Cybersecurity managers
  • Upper management concerned with IT/OT cybersecurity
  • Plant managers and asset owners
  • IT cybersecurity staff tasked with ICS/OT cybersecurity
  • Engineers tasked with ICS/OT cybersecurity
  • End users looking for a more effective (and entertaining) cybersecurity awareness training

Class Outline

  • Terminology
  • ICS Overview
  • What’s the Risk?
  • Consequence-Driven Risk Assessment Primer
    • Analyzing Threat Events
    • Risk Scenarios
      • Analyzing Threat Events with Consequence and Impact Data
    • Calculating Risk
    • Assessment Phases & Steps
    • Consequence-Driven Risk Assessment Process
    • Consequence-Driven Risk Assessment/Management Models and Frameworks
  • The Threats
    • Threat Intelligence
      • Threat Intelligence vs. Threat Information
      • What to Look For
      • Who/What are the Threats?
      • Taxonomy of Potential Threat Sources
      • Threat Source Capabilities, Motivations, Objectives
    • Vulnerabilities Overview
    • ICS Specific Vulnerabilities
      • ICS Protocol and Communications Vulnerabilities
      • ICS Workstation/Server Vulnerabilities
      • ICS Equipment/Device Vulnerabilities
      • Top Issues Found in ICS Assessments
    • ICS Attack Surface
      • Common ICS Attack Vectors
      • ICS Specific Attack/Exploit Strategies
    • Attack Methods Overview
      • ICS Cyber Kill Chain
      • Anatomy of an Attack
        • Overview of Attacker Methods
  • Mitigation Strategies
  • Cybersecurity Controls