Applied Cyber Security For OT Engineers

A unique, specialised and blended learning approach, this course has been written by IT/OT cyber security professionals for OT Engineers. You will benefit from years of experience in securing CNI, penetration testing, security audits, readiness assessments and project delivery.

Day 1

Day 2

Day 3

Day 4

Day 5

A basic understanding of IT/OT governance, industrial networking, foundational knowledge in Microsoft Windows operating system(s) and awareness of Linux.

Labs are structured to allow those who are self sufficient to proceed at their own pace with optional modules.

Day 1

• IEC 62443 overview with practical application
• MITRE ATT & CK Framework
• NCSC Cyber Assessment Framework (CAF)
• Secure by design concepts
• Reference Architectures
• Zones and Conduits

Day 2

• Network fundamentals
• Securing the network
• Risks with 'out of the box' configurations
• Network Protocols
• Exploiting common OT Protocols
• Firewalls and edge devices
• Network hardware exploits
  

Day 3

• Introduction to Penetration testing
• Explore weakness in Networking and how to exploit
• Explore weakness in default windows/non patched and how to exploit
• Weak passwords
• SNMP risks
• SMB risks
• Port scanning and enumeration
• Using penetration testing tools for system validation

Day 4

• Active Directory SCADA – using Group Policy to manage and secure systems
• Standalone SCADA - Windows Workgroup security
• Application Whitelisting
• USB protection
• Patch management
• Moving data between low and high security zones
• Firewalls/Data Diodes/Content Deconstruction, Disarm, Reconstruction and Transposition
• Windows Device hardening

Day 5

• Debloat Windows and reduce attack surface
• Apply defined security baseline(s)
• Review Configuration with security and automation tool(s)
• Security assessment and baseline validation before entering into a Factory Acceptance Test (FAT) cycle
• OT Network monitoring
• OT End point Security using AI
• OT Secure Remote Access

NCSC assured training requires the content of the training, the full delivery of the training and the QMS for the training to be approved. Applied Cyber Security For OT Engineers has been approved by APMG using the NCSC certified training scheme criteria for content.

Our courseware has been approved by APMG, using the NCSC Assured Training scheme criteria for content of courses. Because full NCSC training assurance also specifies approval of both the training delivery and the quality management process, our courseware, whilst approved to a high standard, is not assured under the NCSC scheme.

The course is classified as an application level course and is listed on the NCSC website as assured training. 

Find out more about OT Security Consultancy

The APMG International and swirl device logo is a trade mark of the APM Group Limited, used under permission of The APM Group Limited. All rights reserved

APMG Equality Policy

By selecting a training provider endorsed by CREST, you are assured of engaging with an institution that has undergone a detailed evaluation. This assurance means that you can trust in receiving a quality training experience, empowering you to move forward in your professional growth with confidence.

Upon successful completion of the course and exam, a digital badge will certify your understanding and knowledge of:

• The common standards used in the OT environment.
• How to apply the standards to develop priorities and roadmaps in their cyber journey.
• Ethernet networking and how to protect against common attacks.
• Pen testing and how routes are identified and applied to common breaches.
• Utilising practical application of best practice architecture to increase the cyber resilience and impact on their own network.