NCCIC NCCIC

Cybersecurity Training for Industrial Control Systems

The United States Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) is pleased to present Cybersecurity for Industrial Control Systems regional training sessions.

Conference Information

Date:

January 14 - January 17, 2020

Venue:

Hillsborough County Sheriff's Office
Falkenburg Road Jail Assembly Room

520 N. Falkenburg Road
Tampa, FL 33619

Who Should Attend?

This training is provided specifically for personnel responsible for the oversight, design and operation of control systems. This includes operators, engineers, IT personnel, supervisors, emergency managers, and managers.

Courses

Tuesday, January 14th, 8:00 am - 5:00 pm
Introduction to Control Systems Cybersecurity (Course 101)

The purpose of this course is to introduce students to the basics of industrial control systems security. This includes a comparative analysis of IT and control system architecture, security vulnerabilities, and mitigation strategies unique to the control system domain.

Wednesday, January 15th, 8:00 am - 5:00 pm
Intermediate Cybersecurity for Industrial Control Systems, Part 1 Lecture Only (Course 201)

This course provides technical instruction on the protection of industrial control systems using offensive and defensive methods. Students will understand how cyber-attacks could be launched, why they work, and mitigation strategies to increase the cybersecurity posture of their control system. Demonstrations will include the use of software tools to establish a baseline of your network(s), and to monitor and analyze its traffic.

Thursday, January 16th OR Friday, January 17th, 8:00 am - 5:00 pm

Intermediate Cybersecurity for Industrial Control Systems, Part 2 (202) Hands-on
Because this course is hands-on, students will get a deeper understanding of how the various tools work. Accompanying this course is a sample process control network that demonstrates exploits used for unauthorized control of the equipment and mitigation solutions. This network is also used during the course for the many hands-on exercises that will help the students develop control systems cybersecurity skills they can apply when they return to their jobs.

* Prerequisite: Every student attending the Intermediate Part 2 (202) course must bring a laptop computer (no tablets) with wireless capability (to connect to the exercise networks) and a minimum of 8GB of RAM.

A modified Kali distribution containing additions to support classroom exercises will be used during the course.

Each student must arrive with a VMware® software virtualization package (Workstation, Player, or Fusion) installed on their laptop. You must have administrator privileges to install the VM player.


Table Top Exercise – [No laptop required]
This exercise is designed to provide the opportunity to address key issues through a series of interactive discussion-based activities. With focus on: policies, procedures, background checks, access controls, privilege levels, media protections, network defense in depth, and effective information sharing.

Registration

Please register for this training at: http://secure.inl.gov/REG0120/.

There are no course fees; DHS ICS-CERT is sponsoring this training. Attendees are responsible for all travel, food, and lodging expenses.

Questions

For additional information please email us at ICSTraining@inl.gov