Critical Infrastructure Security

An Introductory Course

This training is focused on providing guidelines for establishing secure industrial control systems (ICS). SCADA, DCS, various control system configurations such as PLC, etc., are commonly found in ICS sectors. Safety and reliability are the two important factors to ensure secure operations of an ICS system. To properly address these two factors along with ‘security’ as the key functional element, ‘Critical Infrastructure Security’ course was developed as it is essential to know the threats possessed to an ICS environment and how to evaluate and mitigate risks to the ICS.

Pre-requisites

Candidates should be acquainted with:

  • General Information Security Concepts
  • General Network Security Concepts
  • Communication Protocols used in Networking

Course Contents

Sub-Module 1: Introduction to ICS

  • The Changing Landscape
  • Critical Sectors and Infrastructure
  • How to Differentiate between Critical & Non-Critical Infrastructures?
  • CKIR Sectors & CKIR Interdependencies
  • Case Studies
  • What is ICS?
  • Processes & Dependencies
  • Type of ICS Facilities
  • Relevant Standards
  • Common ICS Recommendations

 

Sub-Module 2: Importance of Securing Industrial Network

 

  • Why is ICS Security important?
  • Safety Controls
  • Consequences of Successful Cyber Attacks in ICS Environments
  • Case Study

 

    Sub-Module 1: ICS Operations

    • Common ICS Components
    • ICS Architecture
    • ICS Process
    • Communication Channels
    • ICS Topology
    • Common Protocols in ICS
      • MODBUS
      • PROFIBUS
      • DNP3
      • Ethernet/IP
      • EtherCAT
      • SERCOS III
      • Ethernet Powerlink
      • ICCP/TASE.2
    • OLE for Process Control

    Sub-Module 1: Risk Assessment

    • Risk Equation
    • Risk Factors associated with ICS
    • Integrated IT/ICS Risks

    Sub-Module 2: Threats to ICS

    • Cyber Threats to ICS
    • Threat Agents
    • Threats caused by Human Error
    • Threat vs Hazard
    • Risk Curve
    • Attack Methodologies in IT & ICS
      • Attack Elements
      • Attack Model
      • Attack-In-Depth
      • Attack Process
        • Recon/Research
        • Discover
        • Vulnerability Exploitation
        • Maintaining & Escalating Access
        • Covering Tracks

    Sub-Module 1: Vulnerability Assessment (VA)

    • What can be Vulnerable?
    • Assess Industrial Networks
      • ICS Attack Targets
      • Common ICS Vulnerabilities
      • Vulnerability Factors & Root Causes
      • How to know Common ICS Vulnerabilities?
    • VA
      • Importance of VA
      • VA in Industrial networks
      • Vulnerability Scanning for Configuration Assurance
      • Where to perform VA scans?
      • Role of NESSUS in ICS Security
    • Vulnerability Management
      • Performing Vulnerability Management
      • Patch Management
      • Configuration Management
      • Vulnerability Reports
    • Questions for Vendors
    • Tool’s

     

    Sub-Module 2: Impacts of Cyber Incident

    • Tenets of Infosec
    • Disrupting Events
    • Different Losses
    • Proactive Measures
      • Exception Reporting
      • Behavioral Whitelisting
      • Behavioral Anomaly Detection
      • Threat Detection via Event Correlation

     

    Sub-Module 3: Secure Enclaves

    • What is Secure Enclaves?
    • Functional Grouping
    • Establishing & Securing Enclave Perimeters
    • Securing Enclave Interiors
    • Monitoring Enclaves

Sub-Module 1: Defense in Depth Strategies

  • Defense in Depth – A Layer-wise Approach to Security

Sub-Module 2: Standards & Regulations

  • NERC CIP
  • ISA99
  • ISO/IEC 27002:2005
  • NIST SP 800-82
  • NIST SP 800-53
  • NRC Regulations 5.71
  • CFATS

    Sub-Module 1: Common Pitfalls and Mistakes

    • Security Misconfiguration
    • VA vs Zero-Days
    • Security vs Compliance
    • The Air Gap Myth

    Sub-Module 2: Conclusion

    • Summary
    • References

     

     

Ethical Hacking Training

This course goes deep down into depths of networking, systems, web applications, actual exploitation & helps beginners to take their confident first step towards information security field.

  • 6 Weeks Comprehensive Training
  • Built by Experienced Professionals
  • Regularly update on tools, techniques in course content