<img src="https://secure.leadforensics.com/24951.png" alt="" style="display:none;">
Skip to content
This 5-day, instructor-led course, focuses on common OT security frameworks and unpacks how you apply security practically. By addressing foundational requirements, it is possible to deliver a robust deployment that will not only stand the test of time but deliver security that is embedded into the design.
 
You will gain an understanding of security requirements and how to translate these into scalable reference designs. With a focus on technical applications of security, you will learn what it takes to implement a defence in depth approach. 
 
It's time to think about security differently.  Register for this course to find out how.

Availability

Course Summary

Who should attend?

Pre-requisites

Agenda

Accreditations

13 - 17 January Training Hub £3600 /€4650 / $4650 Register
3 - 7 February Cork, Ireland £3600 /€4650 / $4650 Register
24 - 28 February Training Hub £3600 /€4650 / $4650 Register

A unique, specialised and blended learning approach, this course has been written by IT/OT cyber security professionals for OT Engineers. You will benefit from years of experience in securing CNI, penetration testing, security audits, readiness assessments and project delivery.

 
It's fast paced; collect the nuggets of wisdom as we go!
 
Day 1
Learning Outcome: Understand governance, standards and how this can influence system designs
 
Day 2
Learning Outcome: Securing the network and mitigating threats
 
Day 3
Learning Outcome: Spotlight into penetration testing. Explore how default/weak configuration across the network and operating system can put your deployments  at risk and how to remediate
 
Day 4
Learning Outcome: Using built in tools, toolkits and configuration to make Microsoft Windows more secure
 
Day 5
Learning Outcome: Practical application of learning throughout the course. Build a small network, securing devices along the way, applying defined security standards and modifying to meet project/business requirements.
Designed to meet the needs and experience level of Automation Engineers responsible for managing today’s connected IT/OT world. The course also provides a good platform for aspiring OT security professionals.
 
Anybody who has responsibility for cyber security in an OT environment. This includes IT and Automation managers and engineers, technicians or IT professionals.

A basic understanding of IT/OT governance, industrial networking, foundational knowledge in Microsoft Windows operating system(s) and awareness of Linux.

Labs are structured to allow those who are self sufficient to proceed at their own pace with optional modules.

Day 1
Learning Outcome: Understand governance, standards and how this can influence system designs
  • IEC 62443 overview with practical application
  • MITRE ATT & CK Framework
  • NCSC Cyber Assessment Framework (CAF)
  • Secure by design concepts
  • Reference Architectures
  • Zones and Conduits
Day 2
Learning Outcome: Securing the network and mitigating threats
  • Network fundamentals
  • Securing the network
  • Risks with 'out of the box' configurations
  • Network Protocols
  • Exploiting common OT Protocols
  • Firewalls and edge devices
  • Network hardware exploits
Day 3
Learning Outcome: Spotlight into penetration testing. Explore how default/weak configuration across the network and operating system can put your deployments at risk and how to remediate
 
  • Introduction to Penetration testing
  • Explore weakness in Networking and how to exploit
  • Explore weakness in default windows/non patched and how to exploit
  • Weak passwords
  • SNMP risks
  • SMB risks
  • Port scanning and enumeration
  • Using penetration testing tools for system validation
Day 4
Learning Outcome: Using built in tools, toolkits and configuration to make Microsoft Windows more secure
  • Active Directory SCADA – using Group Policy to manage and secure systems
  • Standalone SCADA - Windows Workgroup security
  • Application Whitelisting
  • USB protection
  • Patch management
  • Moving data between low and high security zones
  • Firewalls/Data Diodes/Content Deconstruction, Disarm, Reconstruction and Transposition
  • Windows Device hardening
Day 5
Learning Outcome: Practical application of learning throughout the course. Build a small network, securing devices along the way, applying defined security standards and modifying to meet project/business requirements.
  • Debloat Windows and reduce attack surface
  • Apply defined security baseline(s)
  • Review Configuration with security and automation tool(s)
  • Security assessment and baseline validation before entering into a Factory Acceptance Test (FAT) cycle
  • OT Network monitoring
  • OT End point Security using AI
  • OT Secure Remote Access

NCSC assured training requires the content of the training, the full delivery of the training and the QMS for the training to be approved. Applied Cyber Security For OT Engineers has been approved by APMG using the NCSC certified training scheme criteria for content.

Our courseware has been approved by APMG, using the NCSC Assured Training scheme criteria for content of courses. Because full NCSC training assurance also specifies approval of both the training delivery and the quality management process, our courseware, whilst approved to a high standard, is not assured under the NCSC scheme.

The course is classified as an application level course and is listed on the NCSC website as assured training

Screenshot 2023-03-22 142731  NCSC-apmg-international-logo

 

 

 

 

Find out more about OT Security Consultancy

The APMG International and swirl device logo is a trade mark of the APM Group Limited, used under permission of The APM Group Limited. All rights reserved

APMG Equality Policy

imagezIcon_AW_Cyber Training Provider_col

By selecting a training provider endorsed by CREST, you are assured of engaging with an institution that has undergone a detailed evaluation. This assurance means that you can trust in receiving a quality training experience, empowering you to move forward in your professional growth with confidence.

 

Upon successful completion of the course and exam, a digital badge will certify your understanding and knowledge of:

  • The common standards used in the OT environment.
  • How to apply the standards to develop priorities and roadmaps in their cyber journey.
  • Ethernet networking and how to protect against common attacks.
  • Pen testing and how routes are identified and applied to common breaches.
  • Utilising practical application of best practice architecture to increase the cyber resilience and impact on their own network.

Talk to our experts

Contact us today to learn more about our training courses and how we can help you achieve your business goals.

Contact us