401 Live - ICS Evaluation (IN PERSON CLASS)

775 Lindsay Boulevard,Idaho Falls ID 83402

15 August, 2022

Description

This instructor-led 4-day course provides hands-on training on how to analyze, evaluate, and document ICS cybersecurity posture. NOTE: 301, 301V or 301L is NOT a prerequisite for this course. CLASS SIZE WILL BE LIMITED TO 25 participants This instructor-led 4-day course provides hands-on training on how to analyze, evaluate, and document the cybersecurity posture of an organization’s Industrial Control Systems (ICS) for the purpose of identifying recommended changes. Specifically, the course will utilize a multi-step repeatable process, within a simulated ICS environment, that teaches how to analyze cybersecurity weaknesses and threats, evaluate and map findings, document potential mitigations, and provide ongoing resolutions to strengthen the cybersecurity posture. This course is also intended to increase awareness of how a threat related to the Industrial Control System translates into a threat to business operations, either directly through the ICS or indirectly via network connections. Attendees will come to more fully appreciate that most businesses have numerous support processes and systems controlled by, or otherwise dependent on, an Industrial Control System. At the completion of this course attendees will have the basic skills necessary to conduct a self-evaluation of their organization’s ICS, develop mitigation strategies for vulnerabilities, and a tool to create new or update existing cybersecurity plans. Attendees will leave with a template that can be used for evaluating the cybersecurity posture at their workplace. At the end of this course, attendees will be able to: Discuss components of an ICS evaluationIdentify assets within ICS networksDetermine ICS connectivityEvaluate network monitoring capabilitiesDiscuss the use of Wireless in ICS environmentsDetermine ICS dependenciesEvaluate risk using OSINT and OPSEC methodsEvaluate adversarial riskAssess supply riskEvaluate risk management and mitigation approachesPrerequisites: - Basic understanding of Cybersecurity in an ICS environment - Suggested prerequisite courses at https://ics-training.inl.gov. 100W Cybersecurity Practices for Industrial Control Systems210W-03 Common ICS Components210W-05 ICS Cybersecurity Risk or ICS Cybersecurity Landscape for ManagersWho Should attend: Individuals who are responsible for evaluating or assessing the cybersecurity posture of critical infrastructure. This could include any of a number of specific roles and responsibilities such as cybersecurity management, risk management personnel, IT and control system (OT) security personnel, network engineers, OT engineers and managers. This class is geared towards small to medium sized companies with no OT risk management personnel but personnel from large business are welcome also. A certificate of completion will be provided at the conclusion of the course. This course is IACET accredited, awarding attendees Continuing Education Units (CEUs) upon completion. There is no tuition cost to the attendee for this training.