Availability
Course Summary
Who should attend?
Pre-requisites
Agenda
Endorsements
A unique, specialised and blended learning approach, this course has been written by IT/OT cyber security professionals for OT Engineers. You will benefit from years of experience in securing CNI, penetration testing, security audits, readiness assessments and project delivery.
Day 1
Day 2
Day 3
Day 4
Day 5
A basic understanding of IT/OT governance, industrial networking, foundational knowledge in Microsoft Windows operating system(s) and awareness of Linux.
Labs are structured to allow those who are self sufficient to proceed at their own pace with optional modules.
Day 1
- IEC 62443 overview with practical application
- MITRE ATT & CK Framework
- NCSC Cyber Assessment Framework (CAF)
- Secure by design concepts
- Reference Architectures
- Zones and Conduits
Day 2
- Network fundamentals
- Securing the network
- Risks with 'out of the box' configurations
- Network Protocols
- Exploiting common OT Protocols
- Firewalls and edge devices
- Network hardware exploits
Day 3
- Introduction to Penetration testing
- Explore weakness in Networking and how to exploit
- Explore weakness in default windows/non patched and how to exploit
- Weak passwords
- SNMP risks
- SMB risks
- Port scanning and enumeration
- Using penetration testing tools for system validation
Day 4
- Active Directory SCADA – using Group Policy to manage and secure systems
- Standalone SCADA - Windows Workgroup security
- Application Whitelisting
- USB protection
- Patch management
- Moving data between low and high security zones
- Firewalls/Data Diodes/Content Deconstruction, Disarm, Reconstruction and Transposition
- Windows Device hardening
Day 5
- Debloat Windows and reduce attack surface
- Apply defined security baseline(s)
- Review Configuration with security and automation tool(s)
- Security assessment and baseline validation before entering into a Factory Acceptance Test (FAT) cycle
- OT Network monitoring
- OT End point Security using AI
- OT Secure Remote Access
NCSC assured training requires the content of the training, the full delivery of the training and the QMS for the training to be approved. Applied Cyber Security For OT Engineers has been approved by APMG using the NCSC certified training scheme criteria for content.
Our courseware has been approved by APMG, using the NCSC Assured Training scheme criteria for content of courses. Because full NCSC training assurance also specifies approval of both the training delivery and the quality management process, our courseware, whilst approved to a high standard, is not assured under the NCSC scheme.
The course is classified as an application level course and is listed on the NCSC website as assured training.
Find out more about OT Security Consultancy
The APMG International and swirl device logo is a trade mark of the APM Group Limited, used under permission of The APM Group Limited. All rights reserved
By selecting a training provider endorsed by CREST, you are assured of engaging with an institution that has undergone a detailed evaluation. This assurance means that you can trust in receiving a quality training experience, empowering you to move forward in your professional growth with confidence.
Talk to our experts
Contact us today to learn more about our training courses and how we can help you achieve your business goals.
