Operational Technology

Overview

Operational technology (OT) is a category of hardware and software that monitors and controls how physical devices perform. In the past, OT was used primarily in industrial control systems for manufacturing, transportation and utilities. But unlike information technology (IT), the technology that controlled operations in those industries used a standard of isolation and air gapped networks. Today, however, as physical devices are becoming "smart," there is an increasing trend toward IT/OT convergence. This brings on new unique set of issues and situations that traditional IT cyber professionals have not faced. OT operates in every industry and with this convergence, OT has become a critical component that effect all different types of cyber professionals, including incident responders, security operations center staff, red team, penetration testers, and cyber analysts looking to gain an understanding of OT cyber assurance. This course is an introductory course to OT cyber principles, practices and forensics.

What to expect

On the first day of lectures focused on key issues relating to OT cybersecurity concerns and how to address them. The second day allows the participants will have hand on labs focused on OT software and hardware and the unique approaches to protecting them.

Day 1: Lecture Day

  • Overview and introductions
  • OT vs IT Overview
  • Challenges & Shortcomings of OT
  • Open Source Lab
  • Ukraine Cyber Event
  • IoT’s impact on cybersecurity
  • Assessment Tools

Day 2: Lab Day

  • Preventing the Attack Lab
  • DDoS Lab
  • Controlling/Bypass HMI Lab
  • Firmware Lab
  • Man in the Middle Labs
  • Physical Security Lab
  • Operational Safety Lab

Who should attend

  • Security operation center staff
  • Incident responders
  • Reverse engineers
  • Software engineers
  • System Administrators
  • IT managers
  • I&C Engineers
  • Critical Industry Operators

Is this course right for me?

This class is geared toward anyone wishing to learn more about Operational Technology (Industrial Control Systems) and IT convergence, OT cyber assurance and best practices. OT operates in every industry and with this convergence, OT has become a critical component that effect all different types of cyber professionals, including incident responders, security operations center staff, red team, penetration testers, and cyber analysts looking to gain an understanding of OT cyber assurance.

What Should I Bring?

Each lab kits will have a laptop provided with the Virtual Machines and tools necessary to complete the course. As these items are provided for the course the only requirement is to show up to the course with a learning attitude.

Laptop Configuration

Laptop and software setup sessions usually happen the afternoon or evening before the first day of class. Please check the schedule for details and come early if you would like help making sure everything is ready to go for class.