Price: $2,499.00
Length: 3 Days
Print Friendly, PDF & Email

Industrial Control System (ICS) and SCADA Cybersecurity Training

Industrial Control System (ICS) and SCADA Cybersecurity training by TONEX will help you to support and defend your industrial control system to operate in a threat-free environment and resilient against emerging cybersecurity threats.

Industrial Control System

Cyber-attacks on critical infrastructures and industrial control systems especially Supervisory Control and Data Acquisition (SCADA) are becoming more common for organization and governments. These types of attacks can severely impact service, data integrity, compliance and public safety. Therefore, it is needed for every organization to implement a cybersecurity approach to identify risks and manage them in order ensure the protection of industrial control systems.

TONEX has been providing professional seminars, workshops, detailed courses and consulting services in security area since 1993 and has established a unique structure which has been proven to be most successful for utility organizations and stakeholders.

Industrial Control System (ICS) and SCADA Cybersecurity training is designed by our professionals in cybersecurity and power system area to use standard cybersecurity approaches that can be implemented to ICS and SCADA which will last for long period of time.

Industrial Control System (ICS) and SCADA Cybersecurity training covers a variety of topics in ICS and SCADA cybersecurity such as: fundamentals of ICS and SCADA, ICS and SCADA vulnerabilities, risk management basics, selecting and implementing controls for ICS security, ICS/SCADA network and device security, SCADA security program development, and wireless security applied to SCADA systems.

Our instructors at TONEX will teach you the fundamentals of ISC and SCADA systems, role of real time operating systems, the difference between SCADA and distributed control systems (DCS), ICS and SCADA networks, and communications in SCADA systems.

Learn about common vulnerabilities in ICS and SCADA, how to detect the threats, how to find the source of incidents, types of threats in SCADA/ICS networks, servers and mobile devices or web attacks.

By taking Industrial Control System (ICS) and SCADA Cybersecurity, you will learn different approaches to manage the risk, assess the security, monitor the system and ensure the physical security of ICS and SCADA systems in your organization.

Learn specifically about security development for networks and mobile devices in SCADA and ICS, wireless security of these industrial systems and protection against different types of vulnerabilities.

This course also offers a set of real-world case studies, hands on experiments and class discussions in order to give you a clear idea about ICS and SCADA security, and makes you prepared for challenges in your organization.

Audience

Industrial Control System (ICS) and SCADA Cybersecurity training is a 3-day course designed for:

  • IT and ICS cybersecurity personnel
  • Field support personnel and security operators
  • Auditors, vendors and team leaders
  • All individuals who need to understand the ICS and SCADA Protection concepts
  • Electric utility engineers working in electric industry security
  • System personnel working on system security
  • System operators and individuals in electric utility organizations
  • Independent system operator personnel working with utility companies
  • Electric utility personnel who recently started career involved with ICS security.
  • Technicians, operators, and maintenance personnel who are or will be working at electric utility companies.
  • Investors and contractors who plan to make investments in electric industry considering security standards.
  • Managers, accountants, and executives of electric industry.

Training Objectives

Upon completion of Industrial Control System (ICS) and SCADA Cybersecurity training course, the attendees are able to:

  • Understand fundamentals of Industrial Control Systems (ICS) and SCADA systems
  • Understand vulnerabilities and attacks for ICS and SCADA
  • Learn about attack architectures in SCADA and ICS
  • Explain risk management procedures applied to SCADA and ICS
  • Identify risks in SCADA and ICS systems and conduct risk assessment
  • Apply physical protection principles to SCADA and ICS systems
  • Learn about security standards applied to ICS and SCADA such as NIST, ISA and CPNI
  • Learn different types of servers used in ICS and SCADA and apply security concepts to servers
  • Explain the concept of security in SCADA/ICS networks and preventing the attacks to networks in these structures
  • Develop and deploy security programs for SCADA and ICS
  • Understand the security related issues to the wireless system in SCADA and ICS

Training Outline

Industrial Control System (ICS) and SCADA Cybersecurity training course consists of the following lessons, which can be revised and tailored to the client’s need:

Fundamentals of ICS and SCADA

  • Industrial Control Systems Overview
  • Global Industrial Cybersecurity Professional (GICSP)
  • Roles and Responsibilities of ICS
  • Real-time Operating Systems
  • Programmable Logic Controllers (PLC)
  • Distributed Control Systems (DCS)
  • Supervisory Control and Data Acquisition (SCADA)
  • Master Servers
  • Industrial Computing Applications and SCADA Systems
  • Communication Protocols
  • Network Design
  • Types of SCADA Networks
  • SCADA Network Operations and Management
  • Communications Media and Signals
  • SCADA  Reliability, Redundancy and Safety
  • Planning and Managing SCADA Projects
  • SCADA Technical Operations
  • SCADA Characteristics, Threats and Vulnerabilities
  • Comparing SCADA and IT Systems
  • SCADA and DCS Comparison
  • Physical Security of SCADA Systems
  • ICS Network Architecture

ICS/SCADA Vulnerabilities

  • ICS Attack Architecture
  • Attacks on Human Machine Interface (HMI)
  • Attacks on User Interfaces
  • Potential SCADA Vulnerabilities
  • Policy and Procedure Vulnerabilities
  • Platform Vulnerabilities
  • Network Vulnerabilities
  • SCADA Network Communication Attacks
  • Risk Factors
  • Standardized Protocols and Technologies
  • Increased Connectivity
  • Insecure and Rogue Connections
  • Public Information
  • Possible Incident Scenarios
  • Sources of Incidents
  • Documented Incidents
  • Web Attacks
  • ICS Server Attacks
  • Attacks on ICS Remote Devices
  • Firmware Attacks

 Risk Management Basics

  • Risk and Industrial Control Systems
  • Threat Identification
  • Vulnerability Management
  • Industrial Consequences of Vulnerabilities
  • Risk Classification
  • ICS Risk Assessment
  • Planning
  • System and Services Acquisition
  • Certification, Accreditation, and Security Assessments
  • Operational Controls
  • Personnel Security
  • Physical and Environmental Protection
  • Contingency Planning
  • Configuration Management
  • Maintenance
  • System and Information Integrity
  • Incident Response
  • Awareness and Training
  • Identification and Authentication
  • Access Control
  • Audit and Accountability
  • Asset Classification
  • System and Communications Protection

 Selecting and Implementing Controls for ICS Security

  • ICS Security Assessment
  • ICS Vulnerability Assessment
  • Configuration Assessment and Auditing
  • Risk Reduction
  • Standards and Security Controls Applied to ICS (NIST, ISA and CPNI)
  • ICS Security Technologies

 ICS/SCADA Server Security

  • Different Server Types Used in ICS
  • Windows Operating Systems in ICS
  • Linux/Unix Operating Systems in ICS
  • Endpoint Protection
  • Automation and Auditing
  • Log Management for ICS Servers

 ICS/SCADA Network and Device Security

  • Fundamentals of Networks
  • Ethernet, TCP/IP Protocol
  • ICS Protocol Architectures
  • Firewalls and Gateways
  • Honeypots
  • ICS Wireless Systems
  • Satellite, Mesh, Wi-Fi, and Bluetooth Systems
  • SCADA Security Network Architecture
  • Firewalls and Logically Separated Control Network
  • Network Segregation
  • Specific SCADA Firewall Issues
  • Data Historians
  • Remote Support Access
  • Multicast Traffic
  • Single Points of Failure
  • Redundancy and Fault Tolerance
  • Preventing Man-in-the-Middle Attacks

 SCADA Security Program Development and Deployment

  • Business Case for Security
  • Potential Consequences
  • Key Components of the Business Case
  • Resources for Building Business Case
  • Presenting the Business Case to Leadership
  • Developing a Comprehensive Security Program

 Wireless Security Applied to SCADA

  • Overview of Current Wireless Technologies
  • 11, 802.15 and 802.16 Technologies
  • Overview of Wireless Security
  • WEP
  • TKIP and the WPA/WPA2
  • IEEE 802.11i
  • Authentication, Encryption, and Integrity Methods
  • Cellular/Mobile Interworking
  • LTE application in SCADA

 Hands On, Workshops, and Group Activities

  • Labs
  • Workshops
  • Group Activities

 Sample Workshops and Labs for Industrial Control Systems and SCADA Security

  • ICS Risk Assessment Exercise
  • ICS System Identification and Classification Case Study
  • ICS Vulnerability Assessment and Compliance Auditing
  • Risk Assessment Case Study for ICS and Selecting Security Controls
  • Host Based Intrusion Prevention Systems
  • Industrial Firewall Inspection Case
  • Modbus Communication Network Attacks
  • Incident Response and Risk Management Case Study

Industrial Control System and SCADA Cybersecurity Training

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.