Ralph Langner challenged us at S4x18 to grow the ICS Security Community by 10X. At S4x19 we introduced the OnRamp 101-Level ICS Security Training to a sold out class of 78 students. We have since trained over 1,500 students in the OnRamp Online.
The Highway is S4 Events’ Free 201-Level Online ICS Security Training course. It was presented live on 20 January 2020 at S4x20. We captured the videos and are now offering the workshop online. The Highway Workshop includes:
Eight 45-minute videos … the world’s best provide 201-level instruction on an ICSsec topic
Discussion boards on those videos including questions for students to answer
Student Q&A … great chance to ask Dale, the instructors, other experts and your peers a question
Bonus Materials … we add additional articles, audio, videos, links and more to supplement your learning
We limit class size to 500. 300 of those spots in the first class are taken by the attendees of the live Highway training and the 100 most active students in the OnRamp Workshop. This means there are only 200 spots left. Please only register if you are committed to watch the videos and participate in the discussion.
Like the OnRamp, this is a one-time only collection of the best in ICS security teaching for one-day only. The goal is to educate students on what they need to know to participate more effectively in ICS / OT Security Program Development and Risk Management.
Learn how to use the NIST CSF and the most respected Maturity Models to develop and measure your ICS / OT Security Program.
Putting in or upgrading your ICS is the best time to specify the security requirements and include it in your selection criteria. You also have to make sure what the vendor or integrator installs it properly as well. Mark Heard has done this as an asset owner and seen it done well and poorly as a consultant and incident responder.
Rob Joyce of NSA’s TAO said they knew the systems they were attacking better than the owner of those systems. Don’t let that happen to you. Ralph Langner will show you what you need to know about your ICS cyber assets and how asset management interacts with your security program.
Jonathan has been performing and teaching ICS cyber security assessments for almost two decades. In this session he will describe what to expect from your assessment and how to use the information you get from an assessment.
Attacking the ICS cyber assets is often just an initial step to reaching the end goal of affecting the underlying process being monitored and controlled. Marina will build on the cyber security assessment Jonathan has provided and look at how cyber attacks and knowledge of the physical process can be used by both attackers and defenders.
Many thought leaders in the ICS security space are urging asset owners to pay more attention to the consequence side of the risk equation. Andy will explain how to make the consequence case to both executive management as well as the operations and IT teams.
One of the best ways to learn about incident response and train your team is through tabletop exercises. Kai Thomsen will provide some tabletop exercise examples and use them to drive home key points in building an effective ICS incident response capability.
We like to finish the training with a forward looking session. These technologies are important for ICS cloud services and next generation network infrastructures. While they are forward looking from an ICS deployed base standpoint, they are available now and should be considered.