SlideShare a Scribd company logo

TI Safe ICS Cybersecurity Training

TI Safe
TI Safe

- The document presents an ICS cybersecurity training program created by TI Safe to educate professionals on identifying risks in industrial networks and recommending countermeasures according to international security standards. - The 20-hour course aims to train students to design and deploy a Cyber Security Management System for critical infrastructure automation networks. It covers topics such as ICS architectures, risks and attacks, and provides demonstrations on industrial network simulators. - Supporting materials include apostilles in Portuguese and English that are constantly updated based on technical references from leading books and companies in the ICS security field. Practical classes complement the theoretical concepts taught.

Technology
1 of 11
Download to read offline
ICS Cybersecurity Training Characteristics and Summary v. 2.07 Revised in 04/22/2019
PAGE INTENTIONALLY LEFT BLANK
Preface This document aims to present the "ICS Cybersecurity Training". Intellectual property All product names mentioned in this document are trademarks of their respective manufacturers. This document and the information contained here are confidential and proprietary of TI Safe. All property rights (including, without limitation, trademarks, comercial secrets, etc.) evidenced by or included in attachments or relative documents are solely for TI Safe. TI Safe provides restricted use of this material to explicitly authorized employees, customers and business partners through the integrity and confidentiality maintenance agreement. Unauthorized use, distribution, or reproduction will be considered a violation of property rights and civil or criminal measures will be applied under applicable law. Warning This document is intended to be complete and clear. TI Safe shall not be liable for any damages, financial or business losses resulting from omissions or imperfections contained herein. This document is subject to change without advance notice. It is recommended to contact TI Safe for updates and / or additional information. Contact TI Safe provides different channels of communication with its customers, suppliers and associates: Rio de Janeiro, Brazil Estrada do Pau Ferro 480 , Bloco 1, Loja R, Pechincha ZIP Code – 22743-051 – Rio de Janeiro, RJ – Brasil Telefone: +55 (21) 3576-4861 São Paulo, Brazil Rua Dr. Guilherme Bannitz, nº 126 - 2º andar Cj 21, CV 9035 - Itaim Bibi – ZIP Code - 04532-060 - São Paulo, SP - Brasil Telefones: +55 (11) 3040-8656 Salvador, Brazil Av. Tancredo Neves nº 450 – 16º andar – Edifício Suarez Trade ZIP Code – 41820-901 – Salvador, BA – Brasil Telefone: +55 (71) 3340-0633 Lisbon, Portugal Av. da Liberdade 110, 1269-046 Lisbon, Portugal Telefone: +351 21 340 4500 e-mail: contato@tisafe.com website: www.tisafe.com skype (somente voz): ti-safe Twitter: @tisafe
Certificate of documentation changes Version Date Author Description 1.00 03.05.2009 Marcelo Branquinho Generation of the first document 1.01 09.10.2009 Marcelo Branquinho Review and update of inserted topics 1.02 10.13.2009 Marcelo Branquinho Content review for 20 hours 1.03 04.13.2010 Marcelo Branquinho OPC Security Inclusion 1.04 07.19.2011 Marcelo Branquinho Inclusion of new chapters based on information security and practical demonstrations of attacks on networks and systems 1.05 07.26.2011 Marcelo Branquinho Conceptual review of the summary 1.06 07.28.2011 Marcelo Branquinho Conceptual review of the summary 1.07 07.30.2011 Marcelo Branquinho Conceptual review of the summary 1.08 08.03.2011 Marcelo Branquinho Conceptual review of the summary 1.09 08.06.2011 Marcelo Branquinho Conceptual review of the summary 1.10 08.10.2011 Marcelo Branquinho Conceptual review of the summary 1.11 08.12.2011 Marcelo Branquinho Conceptual review of the summary 1.12 08.16.2011 Marcelo Branquinho Conceptual review of the summary. Insertion of case study for CSMS Framework. 1.13 09.06.2011 Marcelo Branquinho Conceptual review of the summary 1.14 04.04.2012 Marcelo Branquinho e Jan Seidl Review of several chapters with content addition and technological update of the training. 1.15 06.027.2012 Marcelo Branquinho Added theoretical reference in the summary. 1.16 10.10.2012 Marcelo Branquinho Added content in the apostille and revised the sequence of chapters. Chapter 12 created. 1.17 05.09.2013 Marcelo Branquinho Inserted content about one-way security gateways. 1.18 05.21.2013 Marcelo Branquinho Updated content standards with NERC-CIP. 1.19 06.11.2013 Marcelo Branquinho Inserted content about continuous monitoring. 1.20 08.12.2013 Marcelo Branquinho Included ANSI / ISA-100.11a standard and revised security content in industrial wireless networks. 1.21 09.19.2013 Marcelo Branquinho Change in chapter order and lesson plan. 2.01 11.28.2017 Marcelo Branquinho Conceptual review of the summary according to ICS.SecurityFramework. 2.02 12.08.2017 Marcelo Branquinho New document layout. 2.03 12.11.2017 Marcelo Pessoa Review of indexing of apostille. 2.04 08.02.2018 Marcelo Branquinho English version revision 2.05 08.13.2018 Marcelo Branquinho Update with new contents. 2.06 02.09.2019 Marcelo Branquinho Update with new contents. 2.07 04.22.2019 Marcelo Branquinho Update with new Cyber Security for Industry 4.0 (IIoT) chapter.
Summary Data Training name ICS Cybersecurity Training Reasons for the creation of "ICS Cybersecurity Training". • There was no other similar training in Latin America • Professional experiences in developing and deploying solutions for ICS Cybersecurity already waved vulnerabilities in critical infrastructures, and training would disseminate this culture. Offer justification The course fills a market segment that has great demand from industries whose infrastructures are critical to the nations. This is the first Latin American Traning, with Portuguese and English versions, to teach the application of the good practices of ANSI/ISA 99 and ISA-IEC 62443 standards for the cyber security of industrial systems and networks. Fulfills all ISA requirements (details at http://www.isa.org/) for ICS cybersecurity. Goals Educate professionals to be capable of identifying risks in industrial networks, as well as recommend the main countermeasures for them, according to the main international security standards and the ICS.SecurityFramework methodology developed by TI Safe. To capacitate professionals to design and deploy the CSMS (Cyber Security Management System) in critical infrastructure automation networks. Student Profile IT or OT professionals with knowledge of operating systems, network protocols, programming languages, hardware and software. Desirable knowledge in information security and Industrial Control Systems (ICS). English language proficiency is recommended for watching videos and reading training support material. Field of activity ICS Cybersecurity. Workload and course duration The course is available in a 20 hours format, divided into 5 periods of 4 classroom hours each.
Theoretical reference In the preparation of the apostille and materials presented in the training were used technical contents from several sources of research that are part of the recommended bibliography: • “Segurança de Automação Industrial e SCADA”, written by TI Safe Team – Elsevier publisher • “Securing SCADA Systems”, written by Ronald L. Krutz – Wiley publisher. • “Techno Security's Guide to Securing SCADA” written by Jack Wiles, Ted Claypoole, Phil Drake, Paul A. Henry, Lester J. Johnson Jr, Sean Lowther, Greg Miles e James H. Windle – Syngress publisher. • “Protecting Industrial Control Systems from Electronic Threats”, written by Joseph Weiss. Momentum Press publisher. • “The Stuxnet Computer Worm and ICS Security”, written by Jackson C. Rebane. Nova Publisher. • “Inside Cyber Warfare”, written by Jeffrey Carr. O´Reilly publisher. • “Cyber War: The Next Threat to National Security and What to Do About It”, written by Richard A. Clarke e Robert Knake. Ecco publisher. • “Cyberpower and National Security (National Defense University)”, written by Franklin D. Kramer, Stuart H. Starr e Larry Wentz. NDU Press publisher. • “A Arte de Enganar”, written by William L. Simon, Kevin Mitnick, Makron Books publisher. This comprehensive bibliography includes the same technical benchmarks used in the official ICS cybersecurity training programs of the major North American cyber defense institutes and is based on the recommended content for training and awareness plans of the ISA/IEC 62443 standard. Text Books The training apostilles were prepared in Portuguese and English and distributed in digital format (PDF file). They are constantly updated and improved. In addition to the mentioned bibliographical references, we have the important support of the leading companies in the ICS Cybersecurity arena to ensure that we have the insights on the latest industrial systems defense technologies used today. Picture: Module 1 cover sheet One week before the start date of each training, TI Safe will send the data so that enrolled students can download the apostille and supporting material from the Internet. It is up to each student to print the apostille or take their laptop or tablet to classes with the apostille in digital format. TI Safe respects the environment and natural resources and follows strictly the principles of its environmental policy, so it does not print or recommend the printing of digital files.
Practical Classes and Technical Demonstrations During the training will be held practical classes and technical demonstrations of attacks and defenses against simulated automation networks. For the demonstration of attacks against industrial networks we counted on simulators of automation networks industrial plants shown in the figure below: Figure: Industrial Network Simulators used in the ICS Cybersecurity Training Trainning Agenda
Goals and Contents Module Goals Contents Module 1 - Introduction Presentation of training objectives rules, instructors and students. • Brief presentation of instructors and students. • Presentation of the training agenda and objectives, bibliography and supporting material. • About TI Safe. Module 2 - Risks Overview of a SCADA system, its elements, protocols and typical architecture. Definition of critical infrastructures, their importance and presentation of recent cyberterrorism cases. Presentation of the types of attackers, the market that feeds the cyber attacks and the main challenges for implementation of cyber security in critical infrastructures Presentation of techniques for the elaboration of risk analysis in industrial networks according to ISA/IEC-62443 standard and the TI Safe´s ICS.SecurityFramework methodology. • Overview of an ICS • Industrial control systems architecture. The Purdue model (ISA-95) • Industrial networks • SCADA systems • Industry 4.0 • What are Critical Infrastructures? • Cyber warfare – the 5th dimension of war • Characteristics of the new attackers • The cybercrime Market • The Dark Web • Vulnerabilities in industrial control systems • History of cyber attacks to industrial networks • Malware, the main hacker´s weapon • Cyber security challenges for industrial control systems • Basic concepts • Risk Scenarios • Classification of critical infrastructure networks • Classification method • Risk analysis • Controls evaluated in static analysis • Physical security analysis • Dynamic analysis • Example of Risk Analysis Report (ACME company) Module 3 - Planning Presentation of methods for the development of an Industrial Cyber Security Plan. • Considerations for a cybersecurity strategy • Planning for deployment of cybersecurity countermeasures in an industrial network • ICS Cybersecurity Plan example (ACME Company)
Module 4 - Controls Governance and Monitoring: Presentation of the main international standards that guide the implementation of cybersecurity policies in industrial networks. Basic concepts for the development of a business continuity plan (BCP). Edge Security: Presentation of Firewalls, VPNs, unidirectional security gateways and strategies for security in industrial WiFi networks. Industrial Network Protection: Details of the defense in depth strategy recommended by ANSI/ISA-99 / ISA 62443 and presentation of the zones and conduits model Presentation of cyber security solutions used for industrial network protection. Malware Control: Presentation of the weaknesses of solutions traditionally used for malware protection in automation networks. Malware control in OT networks and presentation of modern solutions to prevent malware attacks. Data Security: Presentation of threats to access to computer networks and the weaknesses of remote access to industrial networks. Presentation of solution for second factor of authentication in systems and industrial applications. Cybersecurity for Industry 4.0 (IIoT): Presentation of the challenges of implementing cyber security for industry 4.0, based on IIoT (Industrial Internet of Things). Education and Awareness: Presentation of concepts to build an education and awareness plan aiming at establishing the culture of cyber security for automation networks. • Reference standards • The ANSI/ISA 99 | ISA/IEC 62443 standard • The NIST 800-82 Guide • The NERC-CIP standard • Industrial Internet Consortium • Automation security policies • Business Continuity Plan (BCP) • Firewall architectures and DMZ deployment • Next generation firewalls • VPNs and Unidirectional security gateways • Industrial WiFi security • Why do security solutions fail? • Direct attacks on the control network • Zones and Conduits Model • Network segmentation with NGFW and services • VLANs • Industrial firewalls. • Zero Trust Architecture • Inventory and asset visibility with Machine Learning • The use of antivirus and patches in OT networks • Blacklisting x Whitelisting • Example of solution for protection against malware infections in automation networks • Threats to access control • Access Control: Concepts and Methodologies • Main authentication mechanisms. • Remote access to industrial networks and SCADA • Example of solution for second authentication factor in remote access to industrial networks. • What are IoT and IIoT? • IIoT in Manufacturing. • IoE - IIoT in energy networks. • Cloud security. • Security framework for IIoT. • Education and awareness plan • Training and certifications available on the market • Awareness-raising methods • Main international events
Module 5 - Monitoring Presentation of methods for the implementation of continuous monitoring in automation plants, including SIEM technologies and managed security services (ICS-SOC). Presentation of new technologies for ICS Cybersecurity. • Continuous monitoring and trends • What to monitor in an automation network? • Basics and benefits of using an SIEM tool • Internal Monitoring Center • Challenges for implementing a SOC • TI Safe ICS-SOC • Trends in industrial cyber Security Module 6 - Pratices Ensure that the student has contact with the main hacking techniques and also the ICS Cybersecurity countermeasures presented during the training. • Initial setup of simulators and attacker machine on Kali Linux • Web Target Scanning with Shodan • Port scanning and services (Port Scan) • Scan PLC variables using Wireshark • Internal DoS Attack against PLC • DoS Attack against IIoT • Attack throught the values manipulation of PLC control variables • Development of Ciberweapon for remote control • Attack on the PLC via cyberweapon in PDF • Demonstrations and practices of cyber security countermeasures. • Demonstration of malware control solution for USB scanning • Demonstration of Malware industrial endpoint protection • NGFW Log Inspection Demo • Demonstration of Industrial Network Protection solution with Machine Learning • Demonstration of Industrial Intelligence using SIEM Tool
PAGE INTENTIONALLY LEFT BLANK

Recommended

Aujas Cyber Security
Aujas Cyber SecurityAujas Cyber Security
Aujas Cyber Security
VivianMarcello3
 
The difference between Cybersecurity and Information Security
The difference between Cybersecurity and Information SecurityThe difference between Cybersecurity and Information Security
The difference between Cybersecurity and Information Security
PECB
 
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
Edureka!
 
Cyber security 07
Cyber security 07Cyber security 07
Cyber security 07
Habib Siddiqui
 
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | EdurekaTop 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Edureka!
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 
Network Security
Network SecurityNetwork Security
Network Security
Raymond Jose
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
Noushad Hasan
 

Recommended

Aujas Cyber Security
Aujas Cyber SecurityAujas Cyber Security
Aujas Cyber Security
VivianMarcello3
 
The difference between Cybersecurity and Information Security
The difference between Cybersecurity and Information SecurityThe difference between Cybersecurity and Information Security
The difference between Cybersecurity and Information Security
PECB
 
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
Edureka!
 
Cyber security 07
Cyber security 07Cyber security 07
Cyber security 07
Habib Siddiqui
 
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | EdurekaTop 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Edureka!
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 
Network Security
Network SecurityNetwork Security
Network Security
Raymond Jose
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
Noushad Hasan
 
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfCybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Soo Chin Hock
 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centers
Brencil Kaimba
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecurity
divyanshigarg4
 
How is ai important to the future of cyber security
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security
Robert Smith
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Foram Gosai
 
CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1
ShivamSharma909
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Stephen Cobb
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
Amos Oyoo
 
Security Awareness Training from KnowBe4
Security Awareness Training from KnowBe4Security Awareness Training from KnowBe4
Security Awareness Training from KnowBe4
Carol Montgomery Adams
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2
ShivamSharma909
 
Cyber Security 03
Cyber Security 03Cyber Security 03
Cyber Security 03
Home
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Home
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
SlideTeam
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
ANGIEPAEZ304
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Final Project IoT Security Research Attached Personal data.docx
Final Project IoT Security Research Attached Personal data.docxFinal Project IoT Security Research Attached Personal data.docx
Final Project IoT Security Research Attached Personal data.docx
write22
 
Cisco - The Security Scoop
Cisco - The Security ScoopCisco - The Security Scoop
Cisco - The Security Scoop
Derek Lewis
 

More Related Content

What's hot

Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfCybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Soo Chin Hock
 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centers
Brencil Kaimba
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecurity
divyanshigarg4
 
How is ai important to the future of cyber security
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security
Robert Smith
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Foram Gosai
 
CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1
ShivamSharma909
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Stephen Cobb
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
Amos Oyoo
 
Security Awareness Training from KnowBe4
Security Awareness Training from KnowBe4Security Awareness Training from KnowBe4
Security Awareness Training from KnowBe4
Carol Montgomery Adams
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2
ShivamSharma909
 
Cyber Security 03
Cyber Security 03Cyber Security 03
Cyber Security 03
Home
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Home
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
SlideTeam
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
ANGIEPAEZ304
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 

What's hot (20)

Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfCybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centers
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecurity
 
How is ai important to the future of cyber security
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
 
Security Awareness Training from KnowBe4
Security Awareness Training from KnowBe4Security Awareness Training from KnowBe4
Security Awareness Training from KnowBe4
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2
 
Cyber Security 03
Cyber Security 03Cyber Security 03
Cyber Security 03
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 

Similar to TI Safe ICS Cybersecurity Training

Final Project IoT Security Research Attached Personal data.docx
Final Project IoT Security Research Attached Personal data.docxFinal Project IoT Security Research Attached Personal data.docx
Final Project IoT Security Research Attached Personal data.docx
write22
 
Cisco - The Security Scoop
Cisco - The Security ScoopCisco - The Security Scoop
Cisco - The Security Scoop
Derek Lewis
 
Top Cyber News Magazine Daniel Ehrenreich
Top Cyber News Magazine Daniel Ehrenreich Top Cyber News Magazine Daniel Ehrenreich
Top Cyber News Magazine Daniel Ehrenreich
TopCyberNewsMAGAZINE
 
Laureate Online Education Information Security Engineering .docx
Laureate Online Education Information Security Engineering .docxLaureate Online Education Information Security Engineering .docx
Laureate Online Education Information Security Engineering .docx
DIPESH30
 
Security and Privacy in IoT and Cyber-physical Systems
Security and Privacy in IoT and Cyber-physical SystemsSecurity and Privacy in IoT and Cyber-physical Systems
Security and Privacy in IoT and Cyber-physical Systems
Bob Marcus
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...
LabSharegroup
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14James Nesbitt
 
1 fruct genesis_livshitz_v6_17-03-2018
1 fruct genesis_livshitz_v6_17-03-20181 fruct genesis_livshitz_v6_17-03-2018
1 fruct genesis_livshitz_v6_17-03-2018
Илья Лившиц
 
Inside TorrentLocker (Cryptolocker) Malware C&C Server
Inside TorrentLocker (Cryptolocker) Malware C&C Server Inside TorrentLocker (Cryptolocker) Malware C&C Server
Inside TorrentLocker (Cryptolocker) Malware C&C Server
Davide Cioccia
 
1) Explain your thoughts on the future of IoT and the security impli.docx
1) Explain your thoughts on the future of IoT and the security impli.docx1) Explain your thoughts on the future of IoT and the security impli.docx
1) Explain your thoughts on the future of IoT and the security impli.docx
karisariddell
 
Expo Milan 2015 Case Study_EN
Expo Milan 2015 Case Study_ENExpo Milan 2015 Case Study_EN
Expo Milan 2015 Case Study_EN
Cisco Case Studies
 
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docx
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docxISE 510 Final Project Scenario Background Limetree Inc. is a resea.docx
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docx
christiandean12115
 
ITU Security in Telecommunications & Information Technology
ITU Security in Telecommunications & Information TechnologyITU Security in Telecommunications & Information Technology
ITU Security in Telecommunications & Information Technology
ITU
 
Advance security in cloud computing for military weapons
Advance security in cloud computing for military weaponsAdvance security in cloud computing for military weapons
Advance security in cloud computing for military weapons
IRJET Journal
 
Digital Security by Design Vision
Digital Security by Design VisionDigital Security by Design Vision
Digital Security by Design Vision
KTN
 
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Luca Moroni ✔✔
 
Code of practice_for_consumer_io_t_security_october_2018
Code of practice_for_consumer_io_t_security_october_2018Code of practice_for_consumer_io_t_security_october_2018
Code of practice_for_consumer_io_t_security_october_2018
Дзвенислава Карплюк
 
All About Cyber Security Orientation Program.pdf
All About Cyber Security Orientation Program.pdfAll About Cyber Security Orientation Program.pdf
All About Cyber Security Orientation Program.pdf
Infosec Train
 
Cisco cybersecurity essentials chapter 8
Cisco cybersecurity essentials chapter 8Cisco cybersecurity essentials chapter 8
Cisco cybersecurity essentials chapter 8
Mukesh Chinta
 
InduSoft Speaks at Houston Infragard on February 17, 2015
InduSoft Speaks at Houston Infragard on February 17, 2015InduSoft Speaks at Houston Infragard on February 17, 2015
InduSoft Speaks at Houston Infragard on February 17, 2015
AVEVA
 

Similar to TI Safe ICS Cybersecurity Training (20)

Final Project IoT Security Research Attached Personal data.docx
Final Project IoT Security Research Attached Personal data.docxFinal Project IoT Security Research Attached Personal data.docx
Final Project IoT Security Research Attached Personal data.docx
 
Cisco - The Security Scoop
Cisco - The Security ScoopCisco - The Security Scoop
Cisco - The Security Scoop
 
Top Cyber News Magazine Daniel Ehrenreich
Top Cyber News Magazine Daniel Ehrenreich Top Cyber News Magazine Daniel Ehrenreich
Top Cyber News Magazine Daniel Ehrenreich
 
Laureate Online Education Information Security Engineering .docx
Laureate Online Education Information Security Engineering .docxLaureate Online Education Information Security Engineering .docx
Laureate Online Education Information Security Engineering .docx
 
Security and Privacy in IoT and Cyber-physical Systems
Security and Privacy in IoT and Cyber-physical SystemsSecurity and Privacy in IoT and Cyber-physical Systems
Security and Privacy in IoT and Cyber-physical Systems
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14
 
1 fruct genesis_livshitz_v6_17-03-2018
1 fruct genesis_livshitz_v6_17-03-20181 fruct genesis_livshitz_v6_17-03-2018
1 fruct genesis_livshitz_v6_17-03-2018
 
Inside TorrentLocker (Cryptolocker) Malware C&C Server
Inside TorrentLocker (Cryptolocker) Malware C&C Server Inside TorrentLocker (Cryptolocker) Malware C&C Server
Inside TorrentLocker (Cryptolocker) Malware C&C Server
 
1) Explain your thoughts on the future of IoT and the security impli.docx
1) Explain your thoughts on the future of IoT and the security impli.docx1) Explain your thoughts on the future of IoT and the security impli.docx
1) Explain your thoughts on the future of IoT and the security impli.docx
 
Expo Milan 2015 Case Study_EN
Expo Milan 2015 Case Study_ENExpo Milan 2015 Case Study_EN
Expo Milan 2015 Case Study_EN
 
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docx
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docxISE 510 Final Project Scenario Background Limetree Inc. is a resea.docx
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docx
 
ITU Security in Telecommunications & Information Technology
ITU Security in Telecommunications & Information TechnologyITU Security in Telecommunications & Information Technology
ITU Security in Telecommunications & Information Technology
 
Advance security in cloud computing for military weapons
Advance security in cloud computing for military weaponsAdvance security in cloud computing for military weapons
Advance security in cloud computing for military weapons
 
Digital Security by Design Vision
Digital Security by Design VisionDigital Security by Design Vision
Digital Security by Design Vision
 
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
 
Code of practice_for_consumer_io_t_security_october_2018
Code of practice_for_consumer_io_t_security_october_2018Code of practice_for_consumer_io_t_security_october_2018
Code of practice_for_consumer_io_t_security_october_2018
 
All About Cyber Security Orientation Program.pdf
All About Cyber Security Orientation Program.pdfAll About Cyber Security Orientation Program.pdf
All About Cyber Security Orientation Program.pdf
 
Cisco cybersecurity essentials chapter 8
Cisco cybersecurity essentials chapter 8Cisco cybersecurity essentials chapter 8
Cisco cybersecurity essentials chapter 8
 
InduSoft Speaks at Houston Infragard on February 17, 2015
InduSoft Speaks at Houston Infragard on February 17, 2015InduSoft Speaks at Houston Infragard on February 17, 2015
InduSoft Speaks at Houston Infragard on February 17, 2015
 

More from TI Safe

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
TI Safe
 
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
TI Safe
 
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
TI Safe
 
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
TI Safe
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
TI Safe
 
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
TI Safe
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
TI Safe
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
TI Safe
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
TI Safe
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
TI Safe
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
TI Safe
 
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
TI Safe
 
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
TI Safe
 
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
TI Safe
 
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
TI Safe
 
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
TI Safe
 
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
TI Safe
 
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
TI Safe
 
Retrospectiva
RetrospectivaRetrospectiva
Retrospectiva
TI Safe
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
TI Safe
 

More from TI Safe (20)

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
 
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
 
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
 
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
 
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
 
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
 
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
 
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
 
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
 
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
 
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
 
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
 
Retrospectiva
RetrospectivaRetrospectiva
Retrospectiva
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
 

Recently uploaded

Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 

Recently uploaded (20)

Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 

TI Safe ICS Cybersecurity Training

  • 1. ICS Cybersecurity Training Characteristics and Summary v. 2.07 Revised in 04/22/2019
  • 3. Preface This document aims to present the "ICS Cybersecurity Training". Intellectual property All product names mentioned in this document are trademarks of their respective manufacturers. This document and the information contained here are confidential and proprietary of TI Safe. All property rights (including, without limitation, trademarks, comercial secrets, etc.) evidenced by or included in attachments or relative documents are solely for TI Safe. TI Safe provides restricted use of this material to explicitly authorized employees, customers and business partners through the integrity and confidentiality maintenance agreement. Unauthorized use, distribution, or reproduction will be considered a violation of property rights and civil or criminal measures will be applied under applicable law. Warning This document is intended to be complete and clear. TI Safe shall not be liable for any damages, financial or business losses resulting from omissions or imperfections contained herein. This document is subject to change without advance notice. It is recommended to contact TI Safe for updates and / or additional information. Contact TI Safe provides different channels of communication with its customers, suppliers and associates: Rio de Janeiro, Brazil Estrada do Pau Ferro 480 , Bloco 1, Loja R, Pechincha ZIP Code – 22743-051 – Rio de Janeiro, RJ – Brasil Telefone: +55 (21) 3576-4861 São Paulo, Brazil Rua Dr. Guilherme Bannitz, nº 126 - 2º andar Cj 21, CV 9035 - Itaim Bibi – ZIP Code - 04532-060 - São Paulo, SP - Brasil Telefones: +55 (11) 3040-8656 Salvador, Brazil Av. Tancredo Neves nº 450 – 16º andar – Edifício Suarez Trade ZIP Code – 41820-901 – Salvador, BA – Brasil Telefone: +55 (71) 3340-0633 Lisbon, Portugal Av. da Liberdade 110, 1269-046 Lisbon, Portugal Telefone: +351 21 340 4500 e-mail: contato@tisafe.com website: www.tisafe.com skype (somente voz): ti-safe Twitter: @tisafe
  • 4. Certificate of documentation changes Version Date Author Description 1.00 03.05.2009 Marcelo Branquinho Generation of the first document 1.01 09.10.2009 Marcelo Branquinho Review and update of inserted topics 1.02 10.13.2009 Marcelo Branquinho Content review for 20 hours 1.03 04.13.2010 Marcelo Branquinho OPC Security Inclusion 1.04 07.19.2011 Marcelo Branquinho Inclusion of new chapters based on information security and practical demonstrations of attacks on networks and systems 1.05 07.26.2011 Marcelo Branquinho Conceptual review of the summary 1.06 07.28.2011 Marcelo Branquinho Conceptual review of the summary 1.07 07.30.2011 Marcelo Branquinho Conceptual review of the summary 1.08 08.03.2011 Marcelo Branquinho Conceptual review of the summary 1.09 08.06.2011 Marcelo Branquinho Conceptual review of the summary 1.10 08.10.2011 Marcelo Branquinho Conceptual review of the summary 1.11 08.12.2011 Marcelo Branquinho Conceptual review of the summary 1.12 08.16.2011 Marcelo Branquinho Conceptual review of the summary. Insertion of case study for CSMS Framework. 1.13 09.06.2011 Marcelo Branquinho Conceptual review of the summary 1.14 04.04.2012 Marcelo Branquinho e Jan Seidl Review of several chapters with content addition and technological update of the training. 1.15 06.027.2012 Marcelo Branquinho Added theoretical reference in the summary. 1.16 10.10.2012 Marcelo Branquinho Added content in the apostille and revised the sequence of chapters. Chapter 12 created. 1.17 05.09.2013 Marcelo Branquinho Inserted content about one-way security gateways. 1.18 05.21.2013 Marcelo Branquinho Updated content standards with NERC-CIP. 1.19 06.11.2013 Marcelo Branquinho Inserted content about continuous monitoring. 1.20 08.12.2013 Marcelo Branquinho Included ANSI / ISA-100.11a standard and revised security content in industrial wireless networks. 1.21 09.19.2013 Marcelo Branquinho Change in chapter order and lesson plan. 2.01 11.28.2017 Marcelo Branquinho Conceptual review of the summary according to ICS.SecurityFramework. 2.02 12.08.2017 Marcelo Branquinho New document layout. 2.03 12.11.2017 Marcelo Pessoa Review of indexing of apostille. 2.04 08.02.2018 Marcelo Branquinho English version revision 2.05 08.13.2018 Marcelo Branquinho Update with new contents. 2.06 02.09.2019 Marcelo Branquinho Update with new contents. 2.07 04.22.2019 Marcelo Branquinho Update with new Cyber Security for Industry 4.0 (IIoT) chapter.
  • 5. Summary Data Training name ICS Cybersecurity Training Reasons for the creation of "ICS Cybersecurity Training". • There was no other similar training in Latin America • Professional experiences in developing and deploying solutions for ICS Cybersecurity already waved vulnerabilities in critical infrastructures, and training would disseminate this culture. Offer justification The course fills a market segment that has great demand from industries whose infrastructures are critical to the nations. This is the first Latin American Traning, with Portuguese and English versions, to teach the application of the good practices of ANSI/ISA 99 and ISA-IEC 62443 standards for the cyber security of industrial systems and networks. Fulfills all ISA requirements (details at http://www.isa.org/) for ICS cybersecurity. Goals Educate professionals to be capable of identifying risks in industrial networks, as well as recommend the main countermeasures for them, according to the main international security standards and the ICS.SecurityFramework methodology developed by TI Safe. To capacitate professionals to design and deploy the CSMS (Cyber Security Management System) in critical infrastructure automation networks. Student Profile IT or OT professionals with knowledge of operating systems, network protocols, programming languages, hardware and software. Desirable knowledge in information security and Industrial Control Systems (ICS). English language proficiency is recommended for watching videos and reading training support material. Field of activity ICS Cybersecurity. Workload and course duration The course is available in a 20 hours format, divided into 5 periods of 4 classroom hours each.
  • 6. Theoretical reference In the preparation of the apostille and materials presented in the training were used technical contents from several sources of research that are part of the recommended bibliography: • “Segurança de Automação Industrial e SCADA”, written by TI Safe Team – Elsevier publisher • “Securing SCADA Systems”, written by Ronald L. Krutz – Wiley publisher. • “Techno Security's Guide to Securing SCADA” written by Jack Wiles, Ted Claypoole, Phil Drake, Paul A. Henry, Lester J. Johnson Jr, Sean Lowther, Greg Miles e James H. Windle – Syngress publisher. • “Protecting Industrial Control Systems from Electronic Threats”, written by Joseph Weiss. Momentum Press publisher. • “The Stuxnet Computer Worm and ICS Security”, written by Jackson C. Rebane. Nova Publisher. • “Inside Cyber Warfare”, written by Jeffrey Carr. O´Reilly publisher. • “Cyber War: The Next Threat to National Security and What to Do About It”, written by Richard A. Clarke e Robert Knake. Ecco publisher. • “Cyberpower and National Security (National Defense University)”, written by Franklin D. Kramer, Stuart H. Starr e Larry Wentz. NDU Press publisher. • “A Arte de Enganar”, written by William L. Simon, Kevin Mitnick, Makron Books publisher. This comprehensive bibliography includes the same technical benchmarks used in the official ICS cybersecurity training programs of the major North American cyber defense institutes and is based on the recommended content for training and awareness plans of the ISA/IEC 62443 standard. Text Books The training apostilles were prepared in Portuguese and English and distributed in digital format (PDF file). They are constantly updated and improved. In addition to the mentioned bibliographical references, we have the important support of the leading companies in the ICS Cybersecurity arena to ensure that we have the insights on the latest industrial systems defense technologies used today. Picture: Module 1 cover sheet One week before the start date of each training, TI Safe will send the data so that enrolled students can download the apostille and supporting material from the Internet. It is up to each student to print the apostille or take their laptop or tablet to classes with the apostille in digital format. TI Safe respects the environment and natural resources and follows strictly the principles of its environmental policy, so it does not print or recommend the printing of digital files.
  • 7. Practical Classes and Technical Demonstrations During the training will be held practical classes and technical demonstrations of attacks and defenses against simulated automation networks. For the demonstration of attacks against industrial networks we counted on simulators of automation networks industrial plants shown in the figure below: Figure: Industrial Network Simulators used in the ICS Cybersecurity Training Trainning Agenda
  • 8. Goals and Contents Module Goals Contents Module 1 - Introduction Presentation of training objectives rules, instructors and students. • Brief presentation of instructors and students. • Presentation of the training agenda and objectives, bibliography and supporting material. • About TI Safe. Module 2 - Risks Overview of a SCADA system, its elements, protocols and typical architecture. Definition of critical infrastructures, their importance and presentation of recent cyberterrorism cases. Presentation of the types of attackers, the market that feeds the cyber attacks and the main challenges for implementation of cyber security in critical infrastructures Presentation of techniques for the elaboration of risk analysis in industrial networks according to ISA/IEC-62443 standard and the TI Safe´s ICS.SecurityFramework methodology. • Overview of an ICS • Industrial control systems architecture. The Purdue model (ISA-95) • Industrial networks • SCADA systems • Industry 4.0 • What are Critical Infrastructures? • Cyber warfare – the 5th dimension of war • Characteristics of the new attackers • The cybercrime Market • The Dark Web • Vulnerabilities in industrial control systems • History of cyber attacks to industrial networks • Malware, the main hacker´s weapon • Cyber security challenges for industrial control systems • Basic concepts • Risk Scenarios • Classification of critical infrastructure networks • Classification method • Risk analysis • Controls evaluated in static analysis • Physical security analysis • Dynamic analysis • Example of Risk Analysis Report (ACME company) Module 3 - Planning Presentation of methods for the development of an Industrial Cyber Security Plan. • Considerations for a cybersecurity strategy • Planning for deployment of cybersecurity countermeasures in an industrial network • ICS Cybersecurity Plan example (ACME Company)
  • 9. Module 4 - Controls Governance and Monitoring: Presentation of the main international standards that guide the implementation of cybersecurity policies in industrial networks. Basic concepts for the development of a business continuity plan (BCP). Edge Security: Presentation of Firewalls, VPNs, unidirectional security gateways and strategies for security in industrial WiFi networks. Industrial Network Protection: Details of the defense in depth strategy recommended by ANSI/ISA-99 / ISA 62443 and presentation of the zones and conduits model Presentation of cyber security solutions used for industrial network protection. Malware Control: Presentation of the weaknesses of solutions traditionally used for malware protection in automation networks. Malware control in OT networks and presentation of modern solutions to prevent malware attacks. Data Security: Presentation of threats to access to computer networks and the weaknesses of remote access to industrial networks. Presentation of solution for second factor of authentication in systems and industrial applications. Cybersecurity for Industry 4.0 (IIoT): Presentation of the challenges of implementing cyber security for industry 4.0, based on IIoT (Industrial Internet of Things). Education and Awareness: Presentation of concepts to build an education and awareness plan aiming at establishing the culture of cyber security for automation networks. • Reference standards • The ANSI/ISA 99 | ISA/IEC 62443 standard • The NIST 800-82 Guide • The NERC-CIP standard • Industrial Internet Consortium • Automation security policies • Business Continuity Plan (BCP) • Firewall architectures and DMZ deployment • Next generation firewalls • VPNs and Unidirectional security gateways • Industrial WiFi security • Why do security solutions fail? • Direct attacks on the control network • Zones and Conduits Model • Network segmentation with NGFW and services • VLANs • Industrial firewalls. • Zero Trust Architecture • Inventory and asset visibility with Machine Learning • The use of antivirus and patches in OT networks • Blacklisting x Whitelisting • Example of solution for protection against malware infections in automation networks • Threats to access control • Access Control: Concepts and Methodologies • Main authentication mechanisms. • Remote access to industrial networks and SCADA • Example of solution for second authentication factor in remote access to industrial networks. • What are IoT and IIoT? • IIoT in Manufacturing. • IoE - IIoT in energy networks. • Cloud security. • Security framework for IIoT. • Education and awareness plan • Training and certifications available on the market • Awareness-raising methods • Main international events
  • 10. Module 5 - Monitoring Presentation of methods for the implementation of continuous monitoring in automation plants, including SIEM technologies and managed security services (ICS-SOC). Presentation of new technologies for ICS Cybersecurity. • Continuous monitoring and trends • What to monitor in an automation network? • Basics and benefits of using an SIEM tool • Internal Monitoring Center • Challenges for implementing a SOC • TI Safe ICS-SOC • Trends in industrial cyber Security Module 6 - Pratices Ensure that the student has contact with the main hacking techniques and also the ICS Cybersecurity countermeasures presented during the training. • Initial setup of simulators and attacker machine on Kali Linux • Web Target Scanning with Shodan • Port scanning and services (Port Scan) • Scan PLC variables using Wireshark • Internal DoS Attack against PLC • DoS Attack against IIoT • Attack throught the values manipulation of PLC control variables • Development of Ciberweapon for remote control • Attack on the PLC via cyberweapon in PDF • Demonstrations and practices of cyber security countermeasures. • Demonstration of malware control solution for USB scanning • Demonstration of Malware industrial endpoint protection • NGFW Log Inspection Demo • Demonstration of Industrial Network Protection solution with Machine Learning • Demonstration of Industrial Intelligence using SIEM Tool