The workshop is based on a case study to learn how to perform a forensic analysis in an industrial control and automation environment. The best practices guide in the forensic analysis of industrial automation and control systems that will be part of the material of this workshop will be applied in a practical way. The variety of incidents that can occur in these environments is so diverse that each incident can be considered unique, even with the same infrastructure and specific equipment, so this workshop will be an essential tool to assess the need for an analysis forensics in industrial environments and determine the criteria to be applied in the treatment of electronic evidence found in critical systems.
The training will take place in two sessions of 3 hours each, during which the teacher’s explanations must be followed live. At the end of the first session, attendees must individually carry out the proposed exercises, which will be solved and shared during the second session.
Reasons to attend:
• Learn the typology of technological crimes in an industrial organization, the evidences and their characteristics, as well as their custody.
• Share with other professionals the important aspects that should be considered in the forensic analysis of an automation and control environment.
• Know the main techniques and tools that can be used in the forensic analysis of an OT environment.
• Learn to prepare an expert report.
A use case will be presented and the students will carry out the step-by-step process of a forensic investigation, from obtaining evidence to preparing the expert report. Using different samples of digital evidence, forensic analysis tools will be used to discover the causes of the incident. It will be practiced on the obtaining of forensic images and analysis of network traffic, collecting the necessary information to prepare the corresponding expert report.
This workshop is mainly aimed at professionals from industrial organizations, engineering, IT / OT integrators, cybersecurity professionals and experts with the necessary knowledge to perform a forensic analysis on cybersecurity in an industrial organization.
3:00 p.m. - 6:00 p.m. (Madrid-Spanish time)