SCADAhacker to Offer ICS / SCADA "Blue Team" Security Training and Awareness Course in 2012

Having been involved in the industry for several years, I have realize that there is a lack of specific training to address "how to secure" industrial control systems. There are several very good courses currently available, including those offered by InfoSec Institute (which I will teach until early 2012), Red Tiger Security, Digital Bond, SANS and Idaho National Labs. However, when reviewing the syllabi of these courses, I feel that they tend to focus too much on either (1) theoretical aspects of the problem, or (2) the "hacking" or "red team" side of ICS security.

Knowing this, and not trying to duplicate what is currently available, I have decided to launch my own course entitled "Understanding and Security Industrial Control Systems". This course will be primarily focused on "securing" or "blue teaming" the ICS and will involve several labs that reinforce the selection and implementation of security controls relating specifically to ICS.


The preliminary agenda is as follows:

• Understanding the Unique Threat Landscape of Industrial Control Systems
• Understanding Current Standards and Best Practices from a Security and Compliance Point of View (ISA, IEC, ISO, NERC-CIP, CFATS, NIST, CPNI)
• Risk Identification, Classification, and Threat Modeling
• Understanding and Identifing ICS Vulnerabilities
• Selecting and Implementing Administrative Security Controls
• Selecting and Implementing Technical Controls
• Auditing and Accessing ICS Security

I expect the first one or two classes to be offered in the Chicago area (near ORD airport). Future classes will be offered in manufacturing epicenters such as Houston, Los Angeles, Detroit, Pittsburgh, New Orleans, Washington D.C. and Calgary (others will be available based on customer interest).

Students will use their own computers and supplied with a bootable external drive which contains the testing environment and other tools studied during the week. Many labs will utilize physical ICS equipment providing a realistic scenario to that actually existing in the field. The course will also stress many new leading edge security technologies that will form the basis of a comprehensive overall ICS security program.

I am also open to nesting this curriculum in existing vendor and supplier training programs. please feel free to contact me for additional details.

All of this is very exciting, and i hope that this material will allow me to write and publish a much needed book on this topic in the 2012-2013 timeframe. The end goal is to offer a textbook in addition to the standard PowerPoint slide deck used to teach the class.

Please stay tuned for more details. i expect the first course to be available in the April-May timeframe, with registration beginning after the start of the year.