Investigations
Security
Capacity Building
Insights
About
Digital Threat Digest Insights Careers Let's talk

Industrial Control Systems (ICS) Practitioners Security Course

Our 2-day ICS Practitioners Security training is CIISec Accredited. It has been designed by our expert trainers to provide foundation level training for practitioners with an understanding of the cyber security challenges facing their environments.

Fox

This knowledge is vital when managing the day-to-day running of all aspects of security risk for those environments. This training also discusses how to forward plan to help mitigate and reduce risks as well as identifying and responding to a cyber incident, and is suitable prerequisite learning for PGI’s Industrial Control Systems Security Analyst training.

Our experts have worked in partnership with the National Cyber Security Centre (NCSC) and the Centre for the Protection of National Infrastructure (CPNI) in the UK, and leading Critical National Infrastructure (CNI) organisations.

This training can be delivered virtually for our public training courses, or closed training courses can be booked for classroom training at our London or Bristol facilities, or at our clients’ premises.

Aim

By the end of this training, participants will know how to fully understand the security risks facing their ICS environments, including the supply chain, protecting industrial control environments and best identifying and supporting their organisations’ cyber security and risk mitigation/reduction strategies for those ICS environments.

Audience

If you are a practitioner involved with ICS procurement/ implementation/ audit/ maintenance or part of an ICS environment supply chain and/or people who need full awareness of the security risks to these environments, including:

  • Site/Asset User or Operator
  • Site/Asset IT/ICS Support engineer
  • Site/Asset Physical security/Facilities Management professional
Learning outcomes

By the end of this training, participants will be familiar with:

  • How to identify what current and emerging threats their ICS environments face
  • Where their ICS environments may be vulnerable
  • What actions they need to take to secure those environments and help reduce the risk
  • How to prepare for and handle a cyber security incident in those environments
Prerequisites

There are no pre-requisites for this course and no laptop is required. A handbook with supporting material is provided.

Participants can earn 12 CPE credits.

Syllabus

Part 1: Background (what is an ICS, what are the threats and vulnerabilities)

  • ICS description and terminology
  • ICS Vs IT. Differences and similarities
  • Threats to ICS
  • ICS vulnerabilities
  • Known ICS security incidents

Part 2: Securing ICS (what can be done to secure an ICS)

  • Secure architecture and design
  • Securing existing and legacy systems
  • Security risk management
  • Operational security
  • Vendor management
  • Building security into procurement processes

Part 3: Security Incident Management (what to do when the worst happens and roles and responsibilities)

  • Security incident identification
  • Security incident response
  • Security incident recovery
  • Planning and preparation

Part 4: Cyber Incident Exercise

  • Cyber interactive exercise