Critical Infrastructure Security

Critical Infra Security

We are right now at the cusp of a major change in the way we address ICS/OT Security. With the advent of Industrial IoT (IIoT), previously isolated infrastructure is now exposed to the cloud.

There has been an upsurge of cyber threats to industrial control systems, but the unique nature of those ICS/OT environments involves special methodologies to secure them. Many organizations are discovering that current IT security controls are inadequate to tackle ICS/OT security. At the same time, from a people perspective there's a major disconnect between the OT and IT Security teams. OT teams believe they've a good handle on security risks, whereas IT Security teams approach OT Security with the same philosophy they apply to IT - but that doesn't work. To catch up to the upsurge of increasing threat landscape, organizations acknowledge a need for first-hand cybersecurity skills, and are looking for better awareness and ICS/OT specific training for both Operational Technology employees and IT security professionals.

Effective cyber security for operational environments requires common understanding of best practices, awareness of emerging threats, and attention to existing vulnerabilities.

NII Comprehensive ICS/OT Cybersecurity Training Program

Our training program encompasses the proficiency and experience of our recognized ICS/OT industry experts to expand cybersecurity understanding. The course content is focused on providing actionable insight, not just theory. Students will gain knowledge about ICS/OT environments, cyber risk, and best practices for protection. The courses can be customized as per the requirements and can be scheduled at corporate locations of choice.

Course Outline

  • Introduction to Cyber Security The course lays the foundation for the rest of the series. It describes the basic functions and goals of cyber security services and mechanisms.
  • Overview of the OT Network The course provides an overview of how data flows through a basic OT network and how OT components and protocols ensure the safety and secure communication of data through the network.
  • Cyber Security and the Industrial Network In this module of the training, participants will be introduced to the unique aspects of industrial computer networks and gain an initial perspective of the challenges in cyber security that surround these complex environments.
  • Cyber Security Regulations, Frameworks & Standards This module covers current efforts by government and industry leaders in the field of cyber security as well as important developments and standards in specific regions and industries. It offers a closer look at specific industry standards created for the ICS domain. The participants will gain knowledge on the strengths and weaknesses of industry standards and become aware of additional attack vectors used by threat sources to circumvent today’s security efforts.
  • Understanding Cyber Security Vulnerabilities Participants will see an overview of strategies used by expert cyber security professionals to investigate, identify, and classify vulnerabilities in an industrial network.
  • ICS/OT Cyber Security Risk Assessment This topic lays the foundation for the rest of the ICS Cybersecurity Risk Assessment approach and methodologies.
  • ICS/OT Vulnerabilities This topic provides an overview of different vulnerabilities and threat vectors of ICS/OT domains. It also helps in managing and tracking vulnerabilities, participants will be introduced to the unique aspects of industrial computer networks and gain an initial perspective of the challenges in cyber security that surround these complex environments.

Table of Contents

Session 1
Session 2
Session 3

    Sub-Module 1: Risk Assessment

    • Risk Equation
    • Risk Factors associated with ICS
    • Integrated IT/ICS Risks

    Sub-Module 2: Threats to ICS

    • Cyber Threats to ICS
    • Threat Agents
    • Threats caused by Human Error
    • Threat vs Hazard
    • Risk Curve
    • Attack Methodologies in IT & ICS
      • Attack Elements
      • Attack Model
      • Attack-In-Depth
      • Attack Process
        • Recon/Research
        • Discover
        • Vulnerability Exploitation
        • Maintaining & Escalating Access
        • Covering Tracks
Session 4
Session 5
Session 6

Register for a training

Previous TrainingWireless Security
Next TrainingVirtualization and Security
Munir Tuwairgi, Student

The course was basic and new information was gained and hands on lab performed.

Ali Dhawi – Al Qahtani

I would like to extend my recognition and thanks for to instructor (Mahesh) for his professional knowledge and clear answer.

Nemwr Al-Xami,

Faculty is excellent teacher. He can teach us by easy way & useful, hope to get another course with him in future.

Saurabh Singh, Nomura, Senior Analyst

Faculty is enthusiastic, approachable & he is having brilliant presentation skills.