The primary purpose of ICS Range is to further train and educate all employees, who daily works with Operational technology (OT) systems (IACS/ICS/SCADA) – ranging from introduction level to expert level education. The below education, is a supplement to the online OT security training platform:

OT FOUNDATION CLASS (introduction level)

This two-day course covers an introduction to Operational Technology (OT) Industrial Security. Class can either be online or onsite, depending on the requirements.

Requirements: No prior OT knowledge required but be prepared for a steep learning curve.

Agenda: Participants will attend an instructor-led live training, that will cover: Learning points:

  • What is Operational Technology (OT) & Industrial Control System (ICS)?
  • How is OT different from traditional IT?
  • IT/OT Security Primer & security best practices
  • How to plan and execute pen-testing in industrial environments.
  • IT/ICS protocols and reversing

After this class, the participant will:

  • Have developed an initial understanding of the basics within OT/ICS security
  • Be introduced to safeguards, concepts and best practices in industrial security
  • Be able to do a security assessment of industrial security environments

Last, but not least: Have plenty of new inspiration to plan and defend the OT environment in a way that actual works! This class reinforce the concepts learned, by using several real-life cases - combined with our instructor’s vast experiences from the field.

This course is particularly recommended for:

  • System administrators, engineers, and other information technology (IT) professionals who shall administer, monitor, patch, or secure ICS.
  • Control engineers, Plant site operators and Technicians in industrial environments.
  • IT/OT system integrator, and architects who design or implement secure ICS.
  • Auditors and advisors who are trying to understand the unique security needs of ICS.

OT ADVANCED CLASS

This three-day course covers how to attack and defend industrial environments. This class would focus on red team attacking and reversing software to find and exploit vulnerabilities in OT equipment.

To successfully breach an OT network the attackers (red team) need to learn how to be stealth and avoid detection. This class would teach both attack/defense and would be a technical hands-on class.

Each participant will have access to real industrial equipment, during the class – to ensure the best learning environment available. Furthermore, the participant will learn many free security tools, that can be implemented and used afterwards in the company.

Requirements: Participation on the OT Foundation class or have similar knowledge upfront. Agenda: Participants will attend an instructor-led live training, that will cover:

How to plan and execute pen-testing in industrial environments (advanced) How to design, deploy and defend in industrial environments. How to analyze network traffic (PCAP) (advanced) Use of deception technology (ICS Honeypots).

Many technical hands-on Labs!

This class reinforce the concepts learned, by using several real-life cases - combined with our instructor’s vast experiences from the field. This course is particularly recommended for: OT red Team'er and ICS security researcher System administrators, engineers, and other information technology (IT) professionals who administer, monitor, patch, or secure ICS. Control engineers, Plant site operators and Technicians in industrial environments. IT/OT system integrator, and architects who design or implement secure ICS. Security consultants who perform security assessments and penetration testing of ICS. Auditors and advisors who are trying to understand the unique security needs of ICS.

In the advance class, some of our portfolio of OT Zero days will be presented and the students will see the walk thou

https://www.moxa.com/en/support/product-support/security-advisory/uc-series-improper-physical-access-control-vulnerability

https://www.securityweek.com/moxa-nport-device-flaws-can-expose-critical-infrastructure-disruptive-attacks