All previous live sessions have been recorded and are available.

Course Description

Clint Bodungen (lead author of Hacking Exposed: Industrial Control Systems, and Co-Founder of ThreatGEN) combines his 25+ years of experience with a VERY CANDID approach to offer this unique and rare opportunity to learn directly from him in this live, interactive course.

By the end of the course, students will have gained a clear and comprehensive understanding of the unique challenges and risks in Industrial Control Systems (ICS) and Operational Technology (OT) cybersecurity (or more appropriately, cyber risk management), and how to solve them realistically and effectively. They will learn to separate fact from fiction, and marketing and hype from actual ICS risks and mitigations. Students will learn about the threat landscape facing ICS/OT systems, how to build and maintain an effective ICS/OT risk management program, proper ICS/OT risk assessment/management, mitigations/safeguards, vulnerability assessment/management that is safe for production environments, incident response planning and management, ICS/OT cybersecurity standards and frameworks (including MITRE ATT&CK), and how to effectively communicate and collaborate with their IT/OT counterparts.

NOTE: This is not a deep hands-on technical course on PLC programming or technical penetration testing techniques. See the FAQ below for the reasons why.

What Students Will Learn

  • The truth about ICS/OT cyber threats, risks, and solutions 

  • Effective communication and collaboration with their IT/OT counterparts

  • ICS/OT key functions, systems, components, equipment, architecture

  • ICS/OT risks, hazards, consequences, and impact

  • Key cybersecurity challenges and risks associated with ICS/OT systems

  • ICS/OT threat landscape

  • Common ICS/OT vulnerabilities and methods for safe assessment and remediation

  • Risk assessment methodologies and appropriate ICS/OT risk management techniques (as part of a PHA/HAZOPS program)

  • How to develop incident response plans and procedures

  • How to effectively apply cybersecurity standards and frameworks in ICS/OT cybersecurity

  • How to understand and effectively use the MITRE ATT&CK framework


Bonuses

  • Lifetime access to recorded content, materials, and updates

  • Interactive “AMA” style sessions with Clint Bodungen (for live attendees)

  • Access to a private online social community specifically for students of this course

  • Cybersecurity CPE Credits

  • Course Certificate

  • 3 months of complimentary access to the ThreatGEN® Red vs. Blue Cybersecurity Simulation Platform


Who This Course is For

  • Cybersecurity professionals and/or students interested in expanding their ICS/OT cybersecurity knowledge

  • IT and OT professionals responsible for managing ICS/OT systems and securing them against cyber threats

  • Engineers and operators responsible for designing, installing, and maintaining ICS/OT systems

  • Anyone interested in learning more about ICS/OT cybersecurity and how it differs from traditional IT cybersecurity


Syllabus

Introduction to ICS/OT Cybersecurity

  • Overview of ICS/OT systems
  • Key cybersecurity challenges for ICS/OT
  • Brief history of real-world ICS/OT cybersecurity incidents
  • An honest look at ICS/OT cyber risk
  • Bridging the IT/OT gap


Introduction to ICS/OT Systems

  • ICS equipment
  • ICS systems and architecture
  • ICS protocols
  • ICS hazards, consequences, and impacts


Threat Landscape for ICS/OT Cybersecurity

  • Overview of threats to ICS/OT systems
  • Malware and ransomware
  • Advanced persistent threats (APTs)
  • Insider threats
  • Cyber-physical threats
  • Common ICS/OT attack vectors


Cyber Risk Management for ICS/OT Cybersecurity

  • Overview of cyber risk management
  • Introduction to PHA/HAZOPS
  • Identifying and assessing risk for ICS/OT systems
  • The ICS/OT risk assessment process
  • Risk mitigation strategies and best practices


Access Control for ICS/OT Systems

  • Overview of access control
  • Access control for ICS/OT


Network Security and Architecture for ICS/OT Systems

  • Overview of network security
  • Stop using the “Purdue Model” (and why)
  • Proper ICS/OT network segmentation
  • Methods, tools, and techniques


Vulnerability Management for ICS/OT Systems

  • Common ICS/OT vulnerabilities
  • Safe ICS/OT vulnerability assessment methods
  • Safe patching/remediation methods for ICS/OT


Introduction to Threat Detection and Incident Response for ICS/OT Systems

  • Overview of threat detection
  • Intro to ICS/OT threat detection methods, tools, and techniques
  • Intro to incident response
  • Incident response plan development
  • Incident response procedures and best practices
  • Introduction to the MITRE ATT&CK framework


Understanding ICS/OT Cybersecurity Standards and Frameworks

  • Overview of cybersecurity standards and frameworks
  • NIST Cybersecurity Framework
  • NIST SP 800-82
  • ISA/IEC 62443
  • NERC CIP
  • TSA Pipeline Security Directive


ThreatGEN® Red vs. Blue End of Course Competition

  • Using the ThreatGEN® Red vs. Blue Cybersecurity Simulation Platform, go head-to-head with your classmates in a friendly competition for prizes and bragging rights!

Instructor

Clint Bodungen

Clint is a world-renowned industrial cybersecurity expert, public speaker, published author, and cybersecurity gamification pioneer. He is the lead author of Hacking Exposed: Industrial Control Systems, and creator of the ThreatGEN® Red vs. Blue game-based cybersecurity simulation platform. He is a United States Air Force veteran, has been a cybersecurity professional for more than 25 years, and is an active part of the cybersecurity community, especially in ICS/OT. Focusing exclusively on ICS/OT cybersecurity since 2003, he has helped many of the world's largest energy companies, worked for cybersecurity companies such as Symantec, Kaspersky Lab, and Industrial Defender, and has published multiple technical papers and training courses on ICS/OT cybersecurity vulnerability assessment, penetration testing, and risk management. Clint hopes to revolutionize the industry approach to cybersecurity education, and help usher in the next generation of cybersecurity professionals, using gamification. His flagship product, ThreatGEN® Red vs. Blue, is the world’s first online multiplayer cybersecurity computer game, designed to teach real-world cybersecurity.

FAQ

  • Will I learn how to program PLCs or perform penetration testing techniques?

    No. This is not an advanced technical course.

  • Why aren't there any technical sections such as PLC programming or penetration testing techniques?

    This course focuses on the broader aspects of ICS/OT cyber risk management such as proper risk analysis and prioritization, architecture, most effective safeguards/controls, and overall cyber risk program management. In our experience, those are the most impactful aspects of ICS/OT cyber risk management. Knowing and understanding the more technical aspects are important, but not everyone needs to be at that level of technical expertise.

  • How can this be called a "masterclass" if it doesn't go into technical detail?

    The term "masterclass" is not a claim to turn students into "masters" or advanced practitioners. In this context, it refers to the fact that the course is taught by an industry-recognized "master" level practitioner and published author (with a major publisher) with many years of experience (more than 25 years in this case).

  • What if I can't attend the live sessions?

    All sessions will be recorded. You do not need to commit to attending live sessions. We will take a student consensus and vary dates/times so everyone has a chance to participate in live sessions.

  • Will this course be run again?

    If there is enough demand to run this course again, yes.

  • Will I receive CPE credits for this course? If so, how many?

    Yes. At the completion of this course, you will receive a CPE certificate for 10 hours of "instructor led cybersecurity class" cybersecurity CPE credits, along with the list of topics and domains covered in the course.

  • Will I receive a certificate for this course?

    Yes. Upon completion of this course, you will receive a certificate of completion.

  • Will this course help me with ICS cybersecurity certifications such as the GICSP?

    We do not guarantee a "one-for-one" mapping to the GICSP certification, but we will cover all of the same knowledge base of material as the GICSP. In many cases we will exceed the material requirements. However, since we cannot validate when the GICSP exam was last updated or its accuracy, and we are not "teaching to the exam", we cannot predict how much this course will aid you with the GICSP exam.

  • How long will I have access to this course, its materials, and updates?

    For as long as this site remains in service.