This course is designed to assist auditors, examiners, operational technology and information technology professionals with understanding the essential elements of security for Industrial Control Systems (ICS) including Supervisory Control and Data Acquisition (SCADA). Through improving knowledge in this area, attendees will be better able to understand the risks facing this technology and provide assurances that organizational risks are appropriately mitigated.
ICS represent a growing concern as a cyber threat target. ICS technology often has a long lifespan, and the older systems in use today were not designed with cyber threats in mind. As more of these systems become network- and internet-connected to improve supportability and response, the potential to compromise these systems increases. These systems are typically managed by operational technology staff, and their security focus is availability first, followed by integrity, then confidentiality: the reverse of the order that information technology security focuses on (confidentiality, integrity, then availability). Furthermore, since availability is the primary concern for these systems, artifacts and evidence of cyberattacks are often erased in the course of restoring system availability, leading to a lack of visibility and reporting on this global threat.
Attendees will learn about the similarities and differences between information technology security and operational technology security, best practices for operational technology security and how to develop ICS technology audit programs.
Prerequisites: Foundational knowledge of information security and audit for industrial control systems
Advance Preparation: None
Learning Level: Basic
Delivery Method: Group-Live
What you will learn
1. Introduction to Operational and Information Technologies
• network architectures and components
• similarities and differences
• ICS processes
• ICS communications and data flow
2. Unique Threats to ICS Technologies
• ICS incidents vs. threats
• consequences of ICS incidents
• potential ICS cyber-attack scenarios
• challenges with forensics
3. Case Studies
• real-world examples of ICS “incidents”; cyber or not?
4. ICS Security Frameworks
• Critical Infrastructure Framework (NIST)
• NIST Guide to ICS Security
5. Risks and Risk Management
• ICS vulnerabilities
• best practices in ICS risk assessments
6. Audit Considerations for ICS