Price: $3,999.00

Length: 4 Days
Print Friendly, PDF & Email

ICS Cybersecurity Training, Industrial Control System Training

Industrial control system (ICS) is a general term used to describe the integration of hardware and software with network connectivity in order to support critical infrastructure.

ICS technologies include, but are not limited to, supervisory control and data acquisition (SCADA) and distributed control systems (DCS), industrial automation and control systems (IACS), programmable logic controllers (PLCs), programmable automation controllers (PACs), remote terminal units (RTUs), control servers, intelligent electronic devices (IEDs) and sensors.

Historically, most machinery and engineering components used in manufacturing and the operation of power plants, etc., belonged to networks that were air-gapped and protected from the outside world. However, this has changed over the years and components of today’s ICSs are often connected directly or indirectly to the internet.

This often makes ICSs sitting target for cybercriminals, introducing them to security vulnerabilities like any other connected system. The difference is that downtime or infiltration of an ICS network could result in massive outages, hundreds of thousands of impacted users and even national disaster.

There are many ideas among cybersecurity professionals on how to better protect ICSs from cybercrime. ICSs have always presented notoriously difficult security challenges because their microcode is often embedded within proprietary hardware or aging computer platforms that are difficult or impossible to monitor and secure. The attackers in this case used sophisticated tactics, techniques and procedures (TTPs) to compromise sensitive systems, and to erase the evidence of their behaviors on the compromised systems.

An entire industry has sprung up to try to address this problem, involving network segmentation and secure overlay networks that require no instrumentation on the ICS assets themselves. But these do not address the general lack of visibility into existing systems or the difficulty of maintaining a real-time view of what’s happening in these difficult-to-monitor deployments.

The general consensus is there are several events organizations should be watchful for to detect and investigate ICS breaches.

ICS Cybersecurity Training, Industrial Control System Training by Tonex

ICS Cybersecurity training is designed for security professionals and control system engineers in order to provide them with advanced cybersecurity skills and knowledge in order to protect the Industrial Control System (ICS) and keep their industrial operation environment secure against cyber threats. Tonex as a leader in security industry for more than 15 years is now announcing ICS Cybersecurity training which helps you protect your ICS via special publication National Institute of Science and Technology (NIST) for control systems based on Supervisory Control and Data Acquisition (SCADA), Distributed Control System (DCS) or the other control system configurations.

ICS Cybersecurity Training

Tonex has served industry and academia with high quality conferences, seminars, workshops and exclusively designed courses in cybersecurity area and is pleased to inform professional fellows about the recent comprehensive training on ICS Cybersecurity.

This comprehensive training provides a detailed overview of Industrial Control Systems (ICS), typical system topologies and architectures, different types of threats and vulnerabilities to industrial systems, and gives a step by step procedure to mitigate the associated risks and maintain the security of your control system.

ICS cybersecurity applies to many industries such as electric, water, wastewater, oil, natural gas, chemical, paper, food, and discrete manufacturing. The reason is due to the numerous attack records in ICS with varying level of potential risk and impact.

This course covers a variety of topics in ICS Cybersecurity area such as ICS fundamentals, ICS security architecture, ICS vulnerabilities, ICS threat intelligence, NERC Critical Infrastructure Protection (CIP), ICS risk management and ICS risk assessment. Moreover, you will learn about ICS auditing and assessment, IEC 62443 standard for system security, ICS implementation and development, ICS incident response, ICS network protection, ICS server protection, SCADA security policies and standards, SCADA cyber-attacks detection, and a lot of labs and hands on examples.

By taking the ICS Cybersecurity training by Tonex you will learn about the life cycle of ICS implementation, ICS policies and procedures, ICS risk management framework steps, access control, contingency planning, and incident response.

The ICS Cybersecurity course by Tonex is an interactive course with a lot of class discussions and exercises aiming to provide you a useful resource for ICS cybersecurity.

If you are an IT professional who specialize in ICS cybersecurity and need to validate your skills, you will benefit from the presentations, examples, case studies, discussions, and individual activities upon the completion of the ICS Cybersecurity training that will prepare you for your career.

Learn about the fundamentals of ICS Cybersecurity throughout identifying vulnerabilities of ICS, different types of attacks to Human Machine Interface (HMI) and User Interface (UI), web attacks, attacks on remote devices and network vulnerabilities.

Our instructors at Tonex will help you to master all the ICS Cybersecurity design techniques by introducing the risk management framework, risk assessment techniques, incident response, continuous monitoring, SCADA security improvement, and network security approaches for ICS.

Finally, the ICS Cybersecurity training will introduce a set of labs, workshops and group activities of real world case studies in order to prepare you to tackle all the related ICS Cybersecurity challenges.


The ICS Cybersecurity training is a 4-day course designed for:

  • Control engineers, integrators and architects who will be designing a secure ICS
  • System administrators, engineers who secure ICS
  • Information Technology (IT) professionals who administer, patch or secure ICS
  • Security Consultants who perform security assessment and penetration testing of ICS
  • Managers who are responsible for ICS
  • Senior managers want to understand or apply ICS cybersecurity program to their control system
  • Researchers and analysts working on ICS security
  • Vendors who will develop products for ICS
  • Executives and managers of ICS Cybersecurity area
  • Information technology professionals, security engineers, security analysts, policy analysts
  • Investors and contractors who plan to make investments in ICS industry.
  • Technicians, operators, and maintenance personnel who are or will be working on ICS Cybersecurity projects

Training Objectives

Upon completion of the ICS Cybersecurity training course, the attendees are able to:

  • Understand fundamentals of Industrial Control Systems (ICS)
  • Recognize the security architecture for ICS
  • Identify different kinds of vulnerabilities in ICS network, remote devices, software, or control servers
  • Learn about active defense and incident response for ICS
  • Learn the essentials for NERC Critical Infrastructure Protection (CIP)
  • Understand policies and procedures for NERC critical infrastructure protection (CIP)
  • List strategies for NERC CIP version 5/6
  • Apply risk management techniques to ICS
  • Describe ICS Active Defense and Incident Response
  • Describe techniques for defending against the new ICS threat matrix
  • Assess and audit risks for ICS
  • Apply IEC standard to network and system security of ICS
  • Implement the ICS security program step by step
  • Protect the ICS network from vulnerabilities
  • Understand different types of servers in ICS and protect them against attacks
  • Apply security standards to SCADA systems based on NIST SP 800-82
  • Detect different types of attacks to SCADA systems
  • Tackle all the security challenges related to ICS cybersecurity

Training Outline

ICS Cybersecurity training course consists of the following lessons, which can be revised and tailored to the client’s need:

Fundamentals of Industrial Control Systems (ICS)

  • Evolution of Industrial Control Systems (ICS)
  • Global Industrial Cybersecurity Professional (GICSP)
  • ICS Industrial Sectors
  • ICS Operation and Components
  • ICS Design Consideration
  • Real-Time Operating Systems
  • Programming Controllers
  • SCADA Systems
  • Distributed Control System
  • Programmable Logic Controller
  • ICS and IT Systems Security
  • Distributed Control System (DCS) versus Supervisory Control and Data Acquisition (SCADA)
  • Supervisory Components (Master Servers)
  • System Operation
  • Communication Protocols
  • ICS Network Architecture
  • ICS Lifecycle Challenges
  • Network Design

ICS Security Architecture

  • Network Segmentation and Segregation
  • Boundary Protection
  • Firewalls
  • Logically Separated Control Network
  • General Firewall Policies for ICS
  • Recommended Firewall Rules for Specific Services
  • Network Address Translation (NAT)
  • Specific ICS Firewall Issues
  • Unidirectional Gateways
  • Single Point of Failure
  • Authentication and Authorization
  • Monitoring, Logging and Auditing
  • Incident Detection, Response and System Recovery

Common ICS Vulnerabilities

  • Vulnerabilities Inherent in the ICS Product
  • Vulnerabilities Caused by Installation, Configuration and Management of ICS
  • Poor Network Design Issues
  • ICS Software Security Threats
  • Access Controls
  • ICS Attack Surface
  • Attacks on Human Machine Interface (HMI) and User Interface (UI)
  • Attacks on Network Communications
  • Attacks on Remote Devices
  • Authentication Issues
  • Attacks on Control Servers
  • Web Attacks
  • Data Authenticity
  • Cryptographic Issues
  • Credential Management Issues
  • Network Vulnerabilities

ICS Threat Intelligence

  • ICS Active Defense and Incident Response
  • Intelligence Life Cycle and Threat Intelligence
  • ICS Information Attack Surface
  • External ICS Threat Intelligence
  • Internal ICS Threat Intelligence

NERC Critical Infrastructure Protection (CIP)

  • Introduction to CIP
  • NERC Functional Mode
  • NERC Reliability Standards
  • CIP History
  • CIP-002: Cyber System Categorization
  • CIP-003: Security Management Controls
  • CIP Processes
  • Audit Follow Up
  • CIP Industry Activities
  • Standards Process

Risk Management and Risk Assessment

  • Risk and Manufacturing Systems
  • Common ICS Vulnerabilities
  • Threat Identification
  • Vulnerability Management
  • Industrial Consequences
  • Risk Classification
  • Introduction to Risk Management Process
  • Special Consideration for ICS Risk Assessment
  • ICS Information Security Risk Assessment Safety
  • Physical Impacts of ICS Incidents
  • Physical Disruption of ICS Process
  • Non-Digital Aspect of ICS into Impact Evaluations
  • Propagation of Impact to Connected Systems

ICS Auditing and Assessment

  • Security Audits
  • Security Assessments
  • System Characterization
  • Asset Classification
  • Vulnerability Assessment
  • Configuration Assessment and Auditing

IEC 62443: Network and System Security for ICS

  • Security Feedback Loop
  • Security Assurance
  • Threat/Risk Assessment
  • Classes of Attackers
  • Management Challenges
  • Cybersecurity Assurance Standards
  • Assurance Matrix
  • Development Assurance
  • Integration Assurance
  • Operational Assurance

Implementation of ICS Security Program Development

  • Business Case for Security
  • Defining the Scope of Security Program
  • Defining ICS-Specific Security Policies and Procedures
  • Implementing ICS Security Risk Management Framework
  • Categorizing ICS Systems and Network Assets
  • Selecting ICS Security Controls
  • Performing Risk Assessment Techniques
  • Implementing Security Controls
  • Continuous Monitoring of Control Systems
  • Access Control
  • Security Assessment and Authorization
  • Contingency Planning
  • Identification and Authentication
  • Incident Response
  • Privacy controls
  • Penetration Testing

ICS Incident Response

  • Incident Response and Digital Forensic
  • Incident Response ICS Team
  • Collecting Evidence
  • Source of Forensic Data in ICS Network
  • Time-Critical Analysis
  • Maintaining and Restoring Operations
  • Performing ICS Incident Response Procedures
  • Identifying the threat in Distributed Control Systems (DCS)

Network Protection for ICS

  • Fundamentals of ICS Network
  • Ethernet
  • TCP/IP Protocol Suite
  • ICS Protocols Over TCP/IP
  • Firewalls
  • Unidirectional Gateways
  • Honeypots
  • Wireless in Control Systems
  • Satellite Protocols
  • Mesh Protocols
  • Bluetooth and WiFi
  • Field and Plant Floor Equipment

ICS Server Protection

  • ICS Windows Systems
  • ICS Linux/Unix Systems
  • Updates and Patching
  • Processes and Services
  • Configuration Hardening
  • Endpoint Protection
  • Automation and Auditing
  • Log Management
  • Database and Historians

SCADA Security Policies and Standards

  • SCADA Organization and Information Architecture
  • SCADA Data Categorization and Ownership
  • Data Security in SCADA
  • Platform Security
  • Communication/ Personnel Security
  • Configuration Management
  • Audit
  • Applications
  • Physical Security
  • Manual Operation
  • SCADA Asset Protection
  • NIST SP 800-82 Standard
  • Steps to SCADA Cybersecurity Improvements

Detection of Cyber-Attacks on SCADA Systems

  • Application Layers Attacks
  • Transport Layer Attacks
  • Network Layer Attacks
  • Modbus Protocol Attack
  • DNP3 Attacks
  • ICCP Server Attacks
  • OPC Servers Attack
  • TCP/IP Attack
  • SCADA Vulnerability Scanning

Workshops for ICS Cybersecurity Training

  • Preliminary ICS Risk Assessment Exercise
  • ICS System Identification and Classification Hands On
  • ICS Vulnerability Assessment Case Study
  • ICS Compliance Audit Case Study
  • Detailed ICS Risk Assessment Experience
  • Selecting ICS Security Controls Experiment
  • Summary of Aurora Hardware Mitigation Projects Workshop
  • Incident Response Workshop
  • Live Attack Demonstration- Hacker’s Perspective
  • Hacking the Power Grid
  • Designing a SCADA Security Policy

ICS Cybersecurity Training

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.