Course aim
The aim of this course is to provide you with a introduction to Operational Technology (OT) Security and to reduce the likelihood of a cyber attack through reprogramming or training the wetware (us).
Course details
Digitisation relies on secure communications to ensure a protected exchange of data between Operational Technology (OT) and Information Technology (IT).
Industrial networks and office networks both use secure communication, but they work in different ways. Both networks have specific requirements which have to be taken into account when planning in order to ensure a reliable data exchange in enterprise networks.
Requirements for IT mainly focus on the user experience, meaning ease of operation based on standards, as well as data transmission performance, such as the transmission of audio and video via a shared infrastructure. It’s based on comprehensive cybersecurity that prioritises privacy and protection of data.
On the other hand, OT mainly focuses on the safe operation of plants with reliable data transmission for time-critical applications, including in harsh and sensitive environments. In this case, special attention is paid to long term endurance and availability with a strong emphasis on compliance with OT security standards.
OT and IT Cyber are different but training needs to be integrated. Too often in the past they have been dealt with separately and in silos.
Our training is designed to help people who have been given responsibility for OT Cyber security for Industrial Automation & Control Systems (IACS) to understand what is required of them and to understand the software, hardware, practices, personnel, and services deployed to protect operational technology infrastructure, people, and data.
The IT element focuses on job functions, or roles and responsibilities specific to individuals and recognises that individuals have unique backgrounds, and therefore, different levels of understanding.
This IT approach recognises that an individual may have more than one organisational role, and will need IT security training which satisfies the specific responsibilities of each role but training should start from a common baseline.
The OT and IT elements are fused to give all students a common understanding of protection needed.
Sometimes overshadowed by the many data security issues which have arisen within Information Technology (IT), the threat to our Operational Technology (OT) – our Industrial Control Systems – has huge significance for all Sectors of Industry, for company success and the economy as a whole.
Course content
This course covers the following components:
- Understanding the difference between OT and IT and their interrelationship
- Does the worst ever really happen? What needs to be done in reality
- Understanding how segregation can help
- System Hardening
- Understanding and managing practical risk
Interactive modules and an assessment at the end are included. A certificate is available on successful completion and the course counts towards Continuing Professional Development (CPD). The course certificate expires 12 months from issue.
Produced as a partnership between OSP Cyber Academy and industrial cyber security experts Cyber Prism. The author of this course is a highly experienced OT cyber security professional, a Fellow of the British Computer Society and one of the very few Lead Practitioner Cyber Security/IA Auditors within the NCSC Certified Cyber Professional.
