TGICS 201: Industrial Cyber Risk Assessment

 

This course builds upon the knowledge gained in ICS 101 by applying technical cyber risk and vulnerability assessment skills. Through a combination of lecture and hands-on labs, students will learn how to perform standards-based gap assessments and technical ICS vulnerability assessments using industry standard tools and applications. In addition to standard methodologies, they will also learn “ICS safe” methods. Then, they will tie it all together with consequence-driven risk calculation methods.

bonus content:

This course includes content from Clint Bodungen’s upcoming book, “Complete Industrial Cybersecurity Program Management, A Practical Guide to ICS/OT Cyber Risk Management”: Students will learn how to use VBA and PowerShell scripts (in a way that students of all levels can follow and utilize) to automate vulnerability assessment data analysis and maximize the value of vulnerability scanning tool reports.

What you will get out of this class:

  • Learn to perform security standards-based gap assessments
  • Learn and apply consequence-driven risk assessment concepts
  • Learn to perform ICS vulnerability assessments in technical hands-on labs
  • Learn to perform ICS vulnerability assessments that are safe for ICS environments
  • Learn to use VBA and PowerShell scripts to analyze vulnerability assessment data
  • Learn to maximize the value of vulnerability scanning tool reports
  • Taught by industry-leading, world-class ICS cybersecurity experts with years of real-world experience

Intended Audience:

  • Anyone interested in gaining beginner to intermediate knowledge of ICS/OT cybersecurity
  • Anyone interested in or tasked with ICS/OT risk assessment and management
  • Anyone interested in learning more about technical ICS/OT vulnerability assessment
  • Cybersecurity managers
  • Plant managers and asset owners
  • IT cybersecurity staff tasked with ICS/OT cybersecurity
  • Engineers tasked with ICS/OT cybersecurity

Class Outline

  • Performing a Gap Analysis
    • Using CSET
  • Performing a Vulnerability Assessment
    • WHY & WHEN TO PERFORM A RISK ASSESSMENT
    • VULNERABILITY ASSESSMENT TYPES
    • ICS/SCADA VS. ENTERPRISE IT ASSESSMENT CONSIDERATIONS
    • GRC FRAMEWORK SOFTWARE
    • OVERVIEW OF KEY STEPS
    • ASSESSMENT PLAN: ASSIGNING PERSONNEL
    • ASSESSMENT PLAN: DETERMINING THE SCOPE
    • ASSESSMENT PLAN: METHODOLOGY
    • ASSESSMENT PLAN: COMMON TOOLS
    • ASSESSMENT PLAN: SCHEDULE
    • ASSESSMENT PLAN: SECURITY
    • THE KICKOFF MEETING
    • PERFORMING THE ASSESSMENT
    • REPORTING
    • ASSESSMENT PLAN: PLANNING
    • Site Walk Through
    • Document Review (configs and diagrams)
    • Discovery (assets and “scanning”)
    • Vulnerability Identification
      • Vulnerability Mapping
      • Vulnerability “Scanning”
      • Using Nessus for ICS
    • Maximizing the Value of a Vulnerability Scan with VBA and PowerShell scripting