Price: $3,999.00

Length: 4 Days
Print Friendly, PDF & Email

ICS Cybersecurity Training, Industrial Control System Training

Industrial control system security (ICS) involves safekeeping and securing industrial control systems as well as the necessary software and hardware that are used by the system.

An industrial control system is one of the different types of control systems that are used for monitoring industrial processes. It can be composed of just a few controllers or a complex network of interactive control systems made up by hundreds or thousands of connections.

These systems get data from remote sensors that monitor and measure process variables. These process variables are then compared with the set points. The system will then send commands that will control processes via the final control elements such as control valves.

International thieves, terrorists and unscrupulous competitors pose a serious threat to ICSs throughout the world. This is due to the emergence of the Internet of Things (IoT) and Industrial IoT as well as the increased use of remote telemetry for monitoring and input.

These relatively recent developments provide hackers with numerous entry points for nefarious activities that can negatively affect the operational efficacy of critical process systems along with the health, safety and financial security of people and companies worldwide.

Experts in this area believe that an underlying problem for organizations when it comes to ICS security is that it is not clear who should be in charge over it.

According to the National Institute of Standards and Technology, a main objective for ICS should include being able to restrict logical access to the system’s network and activity, such as using a demilitarized zone network design that uses firewalls to stop network traffic from passing through the ICS and your corporate networks, or the use of unidirectional gateways.

Given the importance of industrial control systems (ICS) cybersecurity, it is essential to understand the trends that dominate the ICS space. Attacks generally come from three sectors:

  • External threats and targeted attacks — The aim of politically motivated attacks is usually focused on causing physical damage or operational disruption, while industrial espionage attacks will be more focused on stealing or damaging Intellectual Property (IP).
  • Insider threats — From disgruntled employees to contractors with an ax to grind, the internal threat is real. Most ICS networks require little to no authentication or encryption that controls or restricts user activity.
  • Human error – Some feel that human error is the biggest threat to an ICS network. Human errors can include making incorrect configurations, PLC programming errors or forgetting to monitor key metrics or alerts.

Cybersecurity professionals recommend that organizations have a strategy with proper measures in place. Training programs such as those offered by Tonex can help companies put together an affordable budget and plan to better combat ICS cybersecurity vulnerabilities.

ICS Cybersecurity Training, Industrial Control System Training by Tonex

ICS Cybersecurity training is designed for security professionals and control system engineers in order to provide them with advanced cybersecurity skills and knowledge in order to protect the Industrial Control System (ICS) and keep their industrial operation environment secure against cyber threats.

Tonex as a leader in security industry for more than 15 years is now announcing ICS Cybersecurity training which helps you protect your ICS via special publication National Institute of Science and Technology (NIST) for control systems based on Supervisory Control and Data Acquisition (SCADA), Distributed Control System (DCS) or the other control system configurations.

ICS Cybersecurity Training

Tonex has served industry and academia with high quality conferences, seminars, workshops and exclusively designed courses in cybersecurity area and is pleased to inform professional fellows about the recent comprehensive training on ICS Cybersecurity.

This comprehensive training provides a detailed overview of Industrial Control Systems (ICS), typical system topologies and architectures, different types of threats and vulnerabilities to industrial systems, and gives a step by step procedure to mitigate the associated risks and maintain the security of your control system.

ICS cybersecurity applies to many industries such as electric, water, wastewater, oil, natural gas, chemical, paper, food, and discrete manufacturing. The reason is due to the numerous attack records in ICS with varying level of potential risk and impact.

This course covers a variety of topics in ICS Cybersecurity area such as ICS fundamentals, ICS security architecture, ICS vulnerabilities, ICS threat intelligence, NERC Critical Infrastructure Protection (CIP), ICS risk management and ICS risk assessment. Moreover, you will learn about ICS auditing and assessment, IEC 62443 standard for system security, ICS implementation and development, ICS incident response, ICS network protection, ICS server protection, SCADA security policies and standards, SCADA cyber-attacks detection, and a lot of labs and hands on examples.

By taking the ICS Cybersecurity training by Tonex you will learn about the life cycle of ICS implementation, ICS policies and procedures, ICS risk management framework steps, access control, contingency planning, and incident response.

The ICS Cybersecurity course by Tonex is an interactive course with a lot of class discussions and exercises aiming to provide you a useful resource for ICS cybersecurity.

If you are an IT professional who specialize in ICS cybersecurity and need to validate your skills, you will benefit from the presentations, examples, case studies, discussions, and individual activities upon the completion of the ICS Cybersecurity training that will prepare you for your career.

Learn about the fundamentals of ICS Cybersecurity throughout identifying vulnerabilities of ICS, different types of attacks to Human Machine Interface (HMI) and User Interface (UI), web attacks, attacks on remote devices and network vulnerabilities.

Our instructors at Tonex will help you to master all the ICS Cybersecurity design techniques by introducing the risk management framework, risk assessment techniques, incident response, continuous monitoring, SCADA security improvement, and network security approaches for ICS.

Finally, the ICS Cybersecurity training will introduce a set of labs, workshops and group activities of real world case studies in order to prepare you to tackle all the related ICS Cybersecurity challenges.


The ICS Cybersecurity training is a 4-day course designed for:

  • Control engineers, integrators and architects who will be designing a secure ICS
  • System administrators, engineers who secure ICS
  • Information Technology (IT) professionals who administer, patch or secure ICS
  • Security Consultants who perform security assessment and penetration testing of ICS
  • Managers who are responsible for ICS
  • Senior managers want to understand or apply ICS cybersecurity program to their control system
  • Researchers and analysts working on ICS security
  • Vendors who will develop products for ICS
  • Executives and managers of ICS Cybersecurity area
  • Information technology professionals, security engineers, security analysts, policy analysts
  • Investors and contractors who plan to make investments in ICS industry.
  • Technicians, operators, and maintenance personnel who are or will be working on ICS Cybersecurity projects

Training Objectives

Upon completion of the ICS Cybersecurity training course, the attendees are able to:

  • Understand fundamentals of Industrial Control Systems (ICS)
  • Recognize the security architecture for ICS
  • Identify different kinds of vulnerabilities in ICS network, remote devices, software, or control servers
  • Learn about active defense and incident response for ICS
  • Learn the essentials for NERC Critical Infrastructure Protection (CIP)
  • Understand policies and procedures for NERC critical infrastructure protection (CIP)
  • List strategies for NERC CIP version 5/6
  • Apply risk management techniques to ICS
  • Describe ICS Active Defense and Incident Response
  • Describe techniques for defending against the new ICS threat matrix
  • Assess and audit risks for ICS
  • Apply IEC standard to network and system security of ICS
  • Implement the ICS security program step by step
  • Protect the ICS network from vulnerabilities
  • Understand different types of servers in ICS and protect them against attacks
  • Apply security standards to SCADA systems based on NIST SP 800-82
  • Detect different types of attacks to SCADA systems
  • Tackle all the security challenges related to ICS cybersecurity

Training Outline

ICS Cybersecurity training course consists of the following lessons, which can be revised and tailored to the client’s need:

Fundamentals of Industrial Control Systems (ICS)

  • Evolution of Industrial Control Systems (ICS)
  • Global Industrial Cybersecurity Professional (GICSP)
  • ICS Industrial Sectors
  • ICS Operation and Components
  • ICS Design Consideration
  • Real-Time Operating Systems
  • Programming Controllers
  • SCADA Systems
  • Distributed Control System
  • Programmable Logic Controller
  • ICS and IT Systems Security
  • Distributed Control System (DCS) versus Supervisory Control and Data Acquisition (SCADA)
  • Supervisory Components (Master Servers)
  • System Operation
  • Communication Protocols
  • ICS Network Architecture
  • ICS Lifecycle Challenges
  • Network Design

ICS Security Architecture

  • Network Segmentation and Segregation
  • Boundary Protection
  • Firewalls
  • Logically Separated Control Network
  • General Firewall Policies for ICS
  • Recommended Firewall Rules for Specific Services
  • Network Address Translation (NAT)
  • Specific ICS Firewall Issues
  • Unidirectional Gateways
  • Single Point of Failure
  • Authentication and Authorization
  • Monitoring, Logging and Auditing
  • Incident Detection, Response and System Recovery

Common ICS Vulnerabilities

  • Vulnerabilities Inherent in the ICS Product
  • Vulnerabilities Caused by Installation, Configuration and Management of ICS
  • Poor Network Design Issues
  • ICS Software Security Threats
  • Access Controls
  • ICS Attack Surface
  • Attacks on Human Machine Interface (HMI) and User Interface (UI)
  • Attacks on Network Communications
  • Attacks on Remote Devices
  • Authentication Issues
  • Attacks on Control Servers
  • Web Attacks
  • Data Authenticity
  • Cryptographic Issues
  • Credential Management Issues
  • Network Vulnerabilities

ICS Threat Intelligence

  • ICS Active Defense and Incident Response
  • Intelligence Life Cycle and Threat Intelligence
  • ICS Information Attack Surface
  • External ICS Threat Intelligence
  • Internal ICS Threat Intelligence

NERC Critical Infrastructure Protection (CIP)

  • Introduction to CIP
  • NERC Functional Mode
  • NERC Reliability Standards
  • CIP History
  • CIP-002: Cyber System Categorization
  • CIP-003: Security Management Controls
  • CIP Processes
  • Audit Follow Up
  • CIP Industry Activities
  • Standards Process

Risk Management and Risk Assessment

  • Risk and Manufacturing Systems
  • Common ICS Vulnerabilities
  • Threat Identification
  • Vulnerability Management
  • Industrial Consequences
  • Risk Classification
  • Introduction to Risk Management Process
  • Special Consideration for ICS Risk Assessment
  • ICS Information Security Risk Assessment Safety
  • Physical Impacts of ICS Incidents
  • Physical Disruption of ICS Process
  • Non-Digital Aspect of ICS into Impact Evaluations
  • Propagation of Impact to Connected Systems

ICS Auditing and Assessment

  • Security Audits
  • Security Assessments
  • System Characterization
  • Asset Classification
  • Vulnerability Assessment
  • Configuration Assessment and Auditing

IEC 62443: Network and System Security for ICS

  • Security Feedback Loop
  • Security Assurance
  • Threat/Risk Assessment
  • Classes of Attackers
  • Management Challenges
  • Cybersecurity Assurance Standards
  • Assurance Matrix
  • Development Assurance
  • Integration Assurance
  • Operational Assurance

Implementation of ICS Security Program Development

  • Business Case for Security
  • Defining the Scope of Security Program
  • Defining ICS-Specific Security Policies and Procedures
  • Implementing ICS Security Risk Management Framework
  • Categorizing ICS Systems and Network Assets
  • Selecting ICS Security Controls
  • Performing Risk Assessment Techniques
  • Implementing Security Controls
  • Continuous Monitoring of Control Systems
  • Access Control
  • Security Assessment and Authorization
  • Contingency Planning
  • Identification and Authentication
  • Incident Response
  • Privacy controls
  • Penetration Testing

ICS Incident Response

  • Incident Response and Digital Forensic
  • Incident Response ICS Team
  • Collecting Evidence
  • Source of Forensic Data in ICS Network
  • Time-Critical Analysis
  • Maintaining and Restoring Operations
  • Performing ICS Incident Response Procedures
  • Identifying the threat in Distributed Control Systems (DCS)

Network Protection for ICS

  • Fundamentals of ICS Network
  • Ethernet
  • TCP/IP Protocol Suite
  • ICS Protocols Over TCP/IP
  • Firewalls
  • Unidirectional Gateways
  • Honeypots
  • Wireless in Control Systems
  • Satellite Protocols
  • Mesh Protocols
  • Bluetooth and Wi-Fi
  • Field and Plant Floor Equipment

ICS Server Protection

  • ICS Windows Systems
  • ICS Linux/Unix Systems
  • Updates and Patching
  • Processes and Services
  • Configuration Hardening
  • Endpoint Protection
  • Automation and Auditing
  • Log Management
  • Database and Historians

SCADA Security Policies and Standards

  • SCADA Organization and Information Architecture
  • SCADA Data Categorization and Ownership
  • Data Security in SCADA
  • Platform Security
  • Communication/ Personnel Security
  • Configuration Management
  • Audit
  • Applications
  • Physical Security
  • Manual Operation
  • SCADA Asset Protection
  • NIST SP 800-82 Standard
  • Steps to SCADA Cybersecurity Improvements

Detection of Cyber-Attacks on SCADA Systems

  • Application Layers Attacks
  • Transport Layer Attacks
  • Network Layer Attacks
  • Modbus Protocol Attack
  • DNP3 Attacks
  • ICCP Server Attacks
  • OPC Servers Attack
  • TCP/IP Attack
  • SCADA Vulnerability Scanning

Workshops for ICS Cybersecurity Training

  • Preliminary ICS Risk Assessment Exercise
  • ICS System Identification and Classification Hands On
  • ICS Vulnerability Assessment Case Study
  • ICS Compliance Audit Case Study
  • Detailed ICS Risk Assessment Experience
  • Selecting ICS Security Controls Experiment
  • Summary of Aurora Hardware Mitigation Projects Workshop
  • Incident Response Workshop
  • Live Attack Demonstration- Hacker’s Perspective
  • Hacking the Power Grid
  • Designing a SCADA Security Policy

ICS Cybersecurity Training

Request More Information

Please enter contact information followed by your questions, comments and/or request(s):
  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.