CPD A 1-day Introduction to Security Program requirements for Industrial Automation and Control Systems (IACS) asset owners, COMAH duty holders and those responsible for the security of industrial automation, control and safety systems – collectively known as “operational technology” (OT) to differentiate it from “information technology” (IT).

The course recognises that the optimum approach to security in IACS / OT may be quite different to what might be considered best practice in an IT environment and would encourage both OT professionals and IT professionals looking to gain knowledge of OT cyber security to attend.

Course Content

Part 1.

The presentation material will compare and contrast OT and IT functions, technologies, and security approaches, identify relevant regulatory frameworks, international standards, and guidance, outline key security concepts, describe the constituent parts of an organisational Security Program, how they are assembled and maintained, and finish with important external interfaces:

Introduction to OT / IACS
Regulatory frameworks, international standards, and security guidance
Threats, vulnerabilities and risk
Key security concepts
Assembling the parts, establishing, operating, maintaining, and maturing the Security Program
Important relationships including with business continuity, IT, and safety, personnel and physical security.
Addressing the challenges of supply chain security.

Part 2.

There will also be an opportunity for discussion with participants about the key evidence an HSE specialist inspector or cyber security auditor will want to see for OT cyber security, including exploring the following using a simplified case study:

Simple Network Diagram for OT, preferably using the Purdue / ISA-95 architecture model
Assessment of essential functions and adverse outcomes (including safety top events)
Configuration management databases and asset registers for OT systems (including specific fields about software configuration)
Policy document setting out governance and OT risk ownership
Threat and vulnerability management for OT
Risk assessment, corporate tolerable risk, and defining Security Levels
Maintenance of security countermeasures
Evidence of activities to deliver staff awareness, skills, competencies
Evidence of a continually improving Security Program.
Business continuity and incident response planning

Who should attend

Although primarily intended for engineers and professionals who are responsible for managing or supporting the OT cyber security of COMAH sites, the course will benefit managers and engineers from other manufacturing and utilities organisations where security plays a key role in business continuity and those who are in a supporting role, including system integrators, maintenance providers, consultants, and contractors.
We would also encourage company OT, IT, maintenance and procurement delegates to attend this course together.

Prereading

Although not essential we would recommend that prospective attendees are familiar with the following open-source resources:

ISA Global Cybersecurity Alliance - Security of Industrial Automation and Control Systems - An Overview of ISA/IEC 62443 Standards (.pdf)
National Cyber Security Centre - Cyber Assessment Framework (for organisations within the UK Critical national Infrastructure and operators of Essential Services)
Health and Safety Executive -OG86 - Cyber Security for Industrial Automation and Control Systems (IACS) (.pdf)

After this training course you will be able to

To describe in practical terms the activities, artefacts and relationships that make a Security Program, as expected by the UK HSE for COMAH sites and as described in IEC 62443.

What you will get

All delegates receive:

The course material in printed or electronic format.
A Certificate of Attendance for each delegate that attends the full course.

Course Options

Classroom

The Course is delivered over 1 day

In-House

The course can be delivered at a client's premises in a closed session in which part 2 can explore specific circumstances of that client.

The course can be delivered on-line or at a venue across the UK, according to the balance of demand.
The course is also available to be delivered at a client's premises in a closed session in which part 2 can explore specific circumstances of that client.
For those wanting more detail than is offered on the one-day course, there is a 2-day cyber course here.

Course Enquiries

If you have any further questions, please contact us and if you wish to proceed, check your diary and reserve a place.

See other OT Cyber Security training courses

Understanding and managing OT Cyber Security is a “team” effort and to maximise the potential learning from this course we would actively encourage joint attendance from both your OT and IT departments.