The Highway Workshop

201- Level ICS Cybersecurity Training

Next Highway Workshop Starts On May 4th

Ralph Langner challenged us at S4x18 to grow the ICS Security Community by 10X. At S4x19 we introduced the OnRamp 101-Level ICS Security Training to a sold out class of 78 students. We have since trained over 1,500 students in the OnRamp Online.

The Highway is S4 Events’ Free 201-Level Online ICS Security Training course. It was presented live on 20 January 2020 at S4x20. We captured the videos and are now offering the workshop online. The Highway Workshop includes:

Eight 45-minute videos … the world’s best provide 201-level instruction on an ICSsec topic

Discussion boards on those videos including questions for students to answer

Student Q&A … great chance to ask Dale, the instructors, other experts and your peers a question

Bonus Materials … we add additional articles, audio, videos, links and more to supplement your learning

We limit class size to 500. 300 of those spots in the first class are taken by the attendees of the live Highway training and the 100 most active students in the OnRamp Workshop. This means there are only 200 spots left. Please only register if you are committed to watch the videos and participate in the discussion. 

Teachers and Content

Like the OnRamp, this is a one-time only collection of the best in ICS security teaching for one-day only. The goal is to educate students on what they need to know to participate more effectively in ICS / OT Security Program Development and Risk Management.

NIST CSF and Maturity Models – Joel Langill of AECOM

Learn how to use the NIST CSF and the most respected Maturity Models to develop and measure your ICS / OT Security Program.

Security Requirements and Acceptance Testing – Mark Heard

Putting in or upgrading your ICS is the best time to specify the security requirements and include it in your selection criteria. You also have to make sure what the vendor or integrator installs it properly as well. Mark Heard has done this as an asset owner and seen it done well and poorly as a consultant and incident responder.

ICS Asset Management and Security – Ralph Langner of Langner, Inc.

Rob Joyce of NSA’s TAO said they knew the systems they were attacking better than the owner of those systems. Don’t let that happen to you. Ralph Langner will show you what you need to know about your ICS cyber assets and how asset management interacts with your security program.

ICS Cyber Security Assessments – Jonathan Pollet of Red Tiger 

Jonathan has been performing and teaching ICS cyber security assessments for almost two decades. In this session he will describe what to expect from your assessment and how to use the information you get from an assessment.

Cyber / Physical Attacks – Jason Larsen of IOActive

Attacking the ICS cyber assets is often just an initial step to reaching the end goal of affecting the underlying process being monitored and controlled. Marina will build on the cyber security assessment Jonathan has provided and look at how cyber attacks and knowledge of the physical process can be used by both attackers and defenders.

Consequence Reduction As A Risk Management Strategy – Andy Bochman of INL

Many thought leaders in the ICS security space are urging asset owners to pay more attention to the consequence side of the risk equation. Andy will explain how to make the consequence case to both executive management as well as the operations and IT teams.

ICS Incident Response: The Tabletop Exercise – Kai Thomsen of SANS

One of the best ways to learn about incident response and train your team is through tabletop exercises. Kai Thomsen will provide some tabletop exercise examples and use them to drive home key points in building an effective ICS incident response capability.

Edge, Fog and SDN – Tim Watkins of SEL

We like to finish the training with a forward looking session. These technologies are important for ICS cloud services and next generation network infrastructures. While they are forward looking from an ICS deployed base standpoint, they are available now and should be considered.