IchemE Approved CPD =Method offers the Cyber Security Risk Management training course for those responsible for the security of industrial automation, control and safety systems – known as “operational technology” (OT) to differentiate it from “information technology” (IT). The course recognises that the optimum approach to security in OT may be quite different to what would be considered good practice in an IT environment.

The overall goal of the training is to provide individuals responsible for OT security on industrial sites with sufficient knowledge that they can understand their obligations for legal and regulatory compliance, develop procedures and policies to achieve such compliance and manage the site's approach to OT security.

The course content is designed to explain the requirements of the various international standards for security and is developed to specifically address the guidance developed by the UK Health and Safety Executive on industrial security.

Classroom / Live Online

The Course is delivered over 2 days, or on-line as 4 half-day sessions

In-House

The course can be delivered at a client's premises in a closed session where we can explore specific circumstances of that client.

Course Content

Context and Background
- Business, legal and regulatory context for OT security
- Vulnerabilities in OT systems
- Threats – understanding their nature and scale
- Relationship and conflicts between safety and security
- Relationship between IT and OT
Concepts and Guiding Principles for Cyber Security
- The PROTECT > DETECT > RESPOND cycle
- Security measures involving people, processes and technology
- Providing defence in depth
- A graded approach to security measures
- Zones and conduits
- Policy and documentation
First steps in addressing OT cyber security threats
- Business context
- Initial risk assessment and quick security wins
Policy and governance of OT cyber security (management systems)
- Cyber security policy
- Defensive architectures
- Management systems and the cyber security lifecycle
- Methods for cyber security risk management
Data to manage cyber security risk
- Process dependencies
- Asset register
Cyber security risk assessment
- High level risk assessment
- System level risk assessment
Implementing and verifying cyber security measures
- Implement and verify counter measures
- Validate, audit, monitor and report
- Prepare (and exercise) incident response measures
Case study
- A case study and exercise to reinforce the learning points from Days 1 and 2.

Who should attend

Engineers and professionals who are responsible for the management of OT cyber security within their workplace and those who are in a supporting role, including consultants and contractors.

We would also encourage company OT and IT delegates to attend this course together.

Pre-qualification

There are no formal pre-requisites required to attend the training course - we assume no prior knowledge, but of course experience of cyber security and control and safety instrumentation in general is advantageous.

We would also encourage company OT and IT delegates to attend this course together.

After this training course you will be able to

Communicate the essential elements of OT cyber security to your colleagues, management and peers in industry

Apply appropriate cyber security risk management.
Understand and play a role in cyber security risk assessment analysis.
Determine which assets require protection and identify suitable counter measures.

What you will get

All delegates receive:

The course material in printed or electronic format.
A Certificate of Attendance for each delegate that attends the full course.

Course Options

A version of the course can be delivered on-line as 4 half-days or at a venue across the UK, according to the balance of demand.
The course is also available to be delivered at a client's premises in a closed session where we can explore specific circumstances of that client.
For those just wanting an introduction, there is a 1-day Introduction to cyber course.

Course Enquiries

If you have any further questions, please contact us and if you wish to proceed, check your diary and reserve a place.

See other OT Cyber Security training courses

IChemE Approved Training Course

=Method Cyber Security Risk Management Training Course has been approved by the Institution of Chemical Engineers (IChemE). IChemE Certificate

Other IChemE Approved Courses: TUV Certified 61511 Functional Safety Training, HazOp Training Course for Leaders, HazOp Training Course for Team Members

Check your diary and reserve a place

Peterborough
June 10 - June 11 2025

SOLD OUT

Manchester
September 16 - September 17 2025

SOLD OUT

Team Work

Understanding and managing OT Cyber Security is a “team” effort and to maximise the potential learning from this course we would actively encourage joint attendance from both your OT and IT departments.

Course rating 89.5%

Recent delegate comments:

"Overall the learning experience was excellent."

"this is a useful course for the early stages of learning about OT cyber security requirements."

"One of the best delivered courses from one of the most credible and competent trainers that I have had the good fortune to attend."

"Great course, very informative and level of learning"

"The course is focused on the understanding of approach / key areas of concern."

"I have gained an overview of the relevant standards and a general approach."

"Excellent, thought provoking course"

"Good overview of OT Cyber, risk and current management approach."

"I have affirmed my existing knowledge but learned a deeper understanding of some of the key concepts."

"We have a lot of work to do!"