ICS Practitioners Security

Course Overview

The NCSC Assured Training ICS Practitioners Security course, which has also been accredited as CIISec Accredited Training, has been designed to provide those at Practitioner or equivalent level with an understanding of today’s cyber security challenges facing their ICS environments. This would also benefit those engaging with an ICS environment for the first time. This knowledge is vital when managing the day to day running of all aspects of security risk for those environments.

This course will show students how to best protect and support their organisation’s cyber security and risk mitigation/reduction strategies for the ICS environments. All students have the option to undertake the associated exam to qualify for the ‘Foundation Certificate in ICS Security Principles’.

Siker have worked in partnership with the UK’s National Cyber Security Centre (NCSC) and the Centre for the Protection of National Infrastructure (CPNI) as well as leading Critical National Infrastructure companies to produce this short course.

Who Should Attend

• Anyone new to cyber security in an ICS Environment.
• Non-ICS staff who need to understand ICS terminology and how it differs from their current roles.
• If you are a professional working in an ICS Environment including:
  • Site / Asset Operators
  • Procurement / Contract staff
  • Supply chain staff
  • Site / Asset IT Support engineers
  • Site / Asset Physical Security / Facilities Manager staff

Learning Objectives

• By the end of the course you will be familiar with:
  • How to identify the current and emerging threats to your ICS environments
  • Where your ICS environments may be vulnerable
  • What actions you may need to take to secure those environments and help reduce the risk to your organisation, nation and supply chain
  • How to prepare for and handle a cyber security incident in an ICS environment
  • The need for structured Security Awareness and Training

Course Content

• Session 1: Background
  • An exploration of ICS terminology and a description of the elements involved
  • What are the differences and similarities between IT and OT?
  • What does your ICS Attack Surface look like?
  • What Threats to your ICS exist?
  • Where might your environment be vulnerable
  • A discussion of ICS Security incidents
  • An introduction to ICS Security risk
• Session 2: Securing ICS
  • What is the Purdue model and how does it work in reality?
  • Securing legacy and existing systems
  • How to plan to reduce the security risk to your ICS environments
  • Best Practice Operational Security
  • How to understand Vendor and Supply Chain risk
  • How to build security into the procurement process
• Session 3: Security Incident Management
  • Security Incident identification
  • Security Incident response
  • Security Inident Recovery
  • Planning and Preparation
• Session 4: Cyber Incident Tabletop Exercise
  • ICS Cyber Interactive exercise
• Wrap up / Exam

Course Details

• Course Author has 30+ years of engineering experience designing Industrial Control Systems for industrial plant experience.
• There are no pre-requisites for this course.
• There is no equipment required for this course
• A handbook will be provided for each student.
• On completion a certificate is provided.
• Attendees can earn 12 CPEs.
• This course aligns to the following CyBOK Knowledge Areas: Cyber-Physical Systems, Distributed Systems Security. Risk Management and Governance, and Security Operations and Incident Management.
• This course is a Foundation level course, but it can also be used as preparation for more advanced training such as the Siker ICS405: Securing ICS course as well as the GIAC Global Industrial Cyber Security Professional (GICSP) certification.