SecurityWeek is pleased to offer the following optional workshop for attendees of our 2019 Singapore ICS Cyber Security Conference, taking place April 16-18, 2019.
When: Thursday, April 18, 2019 – 8AM-5PM ($400 Fee – Limited to 40 Students – Register Now)
What is red team/blue team training?
Security aware and knowledgeable users serve as the “front line” of your overall security posture. As such, training is one of the most essential components of your risk mitigation strategy and overall cybersecurity program. However, without learning cybersecurity from the “hacker’s” perspective and gaining a true understanding of how adversaries attack and compromise ICS networks and assets, you’re only getting half of the picture. Without that other half, you’re essentially blindly deploying generic security controls and “best practices”. In order to have an efficient and cost-effective risk mitigation strategy, you must understand not only where your vulnerabilities are, but also the tactics that attackers will use to exploit these vulnerabilities. Red Team/Blue Team Training provides the opportunity to learn these adversarial tactics in conjunction with the defensive methods; and then students get to apply the skills they learn as they face off in a head-to-head competition, Blue Team (the defenders) against Red Team (the attackers).
The Gamification Difference: It doesn’t take a hacker to play a hacker!
Traditionally, red team/blue (or red team vs. blue team) training has been a significant time commitment, often upwards of five days or more. This can be taxing on constrained schedules and budgets. This Red Team/Blue Team Training uses cutting edge computer gaming technology developed by authors of “Hacking Exposed: Industrial Control Systems”, to offer all the best aspects of red team/blue team training, but in a fraction of the time and without a technical learning curve. Students of all levels can even play the part of the red team, regardless of experience or skill level.
In the end, students discover that defending their ICS networks and assets is more than simply deploying “best practices” and “layered defense”. Students will learn to create targeted defensive strategies (despite having limited resources) against a live opponent who is strategizing against them.
What you will get out of this class:
- Gain a comprehensive, “big picture” understanding of how all the cybersecurity pieces work together
- Learn and apply practical industrial cybersecurity concepts in a one-day class
- Learn vulnerabilities and attack vectors specific to industrial control systems
- Learn about the methods and strategies hackers use to attack industrial control systems as well as traditional IT systems (NOTE: This is not a technical hands-on “hacking” class)
- Learn how to deploy efficient and cost-effective mitigation strategies and security controls
- Learn how to build a complete ICS cyber security program
- Apply what you’ve learned against a live adversary using the cutting edge, turn-based computer training simulation/game, ThreatGEN™
- Learn how to respond to, adapt, and defend against active attacks
- Participate as the blue team and the red team, regardless of experience or technical skill level
- Taught by industry-leading, world-class experts with years of real-world experience
- Anyone interested in gaining beginner to intermediate knowledge of ICS cybersecurity
- Anyone interested in gaining a better understanding over the overall cybersecurity “big picture”
- Cybersecurity managers
- Upper management concerned with IT/OT cybersecurity
- Plant managers and asset owners
- IT cybersecurity staff tasked with OT cybersecurity
- Engineers tasked with OT cybersecurity
- End users looking for a more effective (and entertaining) cybersecurity awareness training