2022 Full Day ICS Cybersecurity Training Courses

July 26, 2022

Conference attendees can register for optional full-day ICS cybersecurity training sessions that take place on Monday, October 24th, 2022. (Click here to register

Register Now

Applied ICS Security Training Lab (9AM-5PM ET – $495 Fee) 

(Overview: Register )This full-day lab course gives participants hands-on experience attacking and hardening a simulated power plant network to learn about common ICS vulnerabilities and defenses. Participants will attack historians, HMIs, and PLCs to cause a power outage in the 3D simulation, and then implement defenses like firewalls and network monitoring to harden it.

In this session attendees will learn:

  • Deeper understanding of common vulnerabilities in ICS networks and devices
  • Techniques for testing ICS devices for various vulnerabilities
  • Practical experience hardening ICS device configurations and using network defenses

Topics Covered:

  • Scanning ICS networks
  • Exploiting web vulnerabilities in the DMZ
  • Sniffing industrial network traffic
  • Password cracking
  • PLC and HMI programming
  • Using Yara to scan for ICS malware
  • Writing host and network firewall rules for ICS
  • ICS network intrusion detection

Requirements

Participants must bring their own laptop with either Chrome or Firefox installed. Some Linux experience is helpful but not required.

OT Cybersecurity Red Team/Blue Team Workshop (9AM-5PM ET – $495 Fee) 

(Overview: Register ) This workshop will provide students of any role or skill level (beginners, advanced, and leadership) an immersive and entertaining OT cybersecurity learning experience, by participating as part of a blue team and a red team in a simulated environment. Short lectures cover Red Team topics (OT vulnerabilities, OT attack surface, and “hacker” methods) and Blue Team topics (OT vulnerabilities, security controls, threat monitoring, cyber risk management strategies, incident response, building a cybersecurity program). These topics are then exercised and reinforced in breakout sessions, where students get to compete against each other in “head-to-head” red team vs. blue team matches using the ThreatGEN® Red vs. Blue Cybersecurity Simulation Platform.

What will you get out of this course?

  • Gain a comprehensive, “big picture” understanding of how all the OT cybersecurity pieces work together.
  • A primer/refresher of Industrial Control Systems (ICS)/Operational Technology (OT)
  • Learn OT vulnerabilities and attack vectors
  • Learn about the methods and strategies red teams and hackers use to attack OT (High-level, this is not a command line level course)
  • Learn OT and cyber risk management concepts and strategies
  • Learn how to deploy efficient and cost-effective cyber risk mitigation strategies and security controls
  • Learn how to build a complete OT cyber security program.
  • Apply what you’ve learned against live adversaries (going head-to-head against other students) in the ThreatGEN® Red vs. Blue Cybersecurity Simulation Platform
  • Learn how to respond to, adapt, and defend against active attacks (High-level, this is not a technical incident response or threat hunting class.)
  • Participate as the blue team and the red team (no prior experience or technical skill required).
  • Taught by Clint Bodungen, world-renowned ICS cybersecurity expert and author of Hacking Exposed: Industrial Control Systems

Requirements

Participants must bring their own laptop with either Chrome, Firefox, or Microsoft Edge installed. Connection to the internet will be required (access provided by the conference). Nothing will be installed onto your laptop.

 Register Here