Certified Lead SCADA Security Professional

Introduction

Lead SCADA Security Manager Training enables you to develop the necessary expertise to plan, design and implements an effective program to protect SCADA systems. In addition, you will be able to understand common Industrial Control System (ICS) threats, vulnerabilities, risks related to the Industrial Control Systems (ICS), and techniques used to manage these risks. This training focuses on several aspects of security management and skills related to SCADA/ICS security. Lead SCADA Security Manager training course is designed by industry experts with in-depth experience in SCADA and Industrial Control Systems Security. Unlike other training, this training course concentrates specifically on the knowledge and skills needed by a professional seeking to advise on, or manage risks related to SCADA environments and systems. Given the high profile nature and the significant impacts associated with such environments, a holistic professional approach to security is needed and that is exactly what this course is designed to provide. In addition, to acquire the theoretical knowledge needed by a SCADA Security Manager, a comprehensive methodology for the implementation of a SCADA Security program is presented. Thus, at the end of this course, you will gain knowledge on how to effectively implement a security program for SCADA/ICS systems. After mastering all the necessary concepts of SCADA Security, you can sit for the exam and apply for a “Certified Lead SCADA Security Manager” credential. By holding a Lead SCADA Security Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing SCADA Security.

Objectives

By becoming Lead SCADA Security Professional certified, you will be able to:      

• Understand and explain the purpose and risks to SCADA systems, Distributed Control Systems and Programmable Logic Controllers
• Understand the risks faced by these environments and the appropriate approaches to manage such risks
• Develop the expertise to support a pro-active SCADA Security program, including policies and vulnerability management
• Define and design network architecture incorporating defense in advanced security controls for SCADA
• Explain the relationship between management, operational and technical controls in a SCADA Security program
• Improve the ability to design resilient and high availability SCADA systems
• Learn how to manage a program of effective security testing activities

Training Methodology

This is an interactive course. There will be open question and answer sessions, regular group exercises and activities, videos, case studies, and presentations on best practice. Participants will have the opportunity to share with the facilitator and other participants on what works well and not so well for them, as well as work on issues from their own organizations. The online course is conducted online using MS-Teams/ClickMeeting.

Who Should Attend?

• Security professionals interested in acquiring SCADA security professional skills
• IT professionals looking to enhance their technical skills and knowledge
• IT and Risk Managers seeking a more detailed understanding of ICS and SCADA systems h SCADA system developers
• SCADA engineers and operators
• SCADA IT professionals

Course Outline

Day 1: Introduction to SCADA and ICS

• Course objectives and structure

• Fundamental principles and concepts of SCADA and SCADA Security

• Industrial Control Systems (ICS) characteristics, threats, and vulnerabilities

Day 2: Designing a Security Program and Network Security Architecture

• SCADA Security program

• Risk assessment

• Network security architecture for SCADA systems

Day 3: Implementing ICS Security Controls, Incident Management, and Business Continuity

• Implementation of security controls for SCADA systems

• Incident management

• Linkage to business continuity

• Monitoring, measurement analysis, and evaluation

Day 4: Security Testing of SCADA Systems

• Testing principles

• Legal and ethical issues

• Penetration testing approaches

• Security testing of ICS

• Management of a penetration test

• Documentation of the test, quality review, and report

• Maintaining a testing program

• Competence and evaluation of SCADA Security Managers

• Closing the training

Day 5: Certification Exam