Escuela Professional School

T06. Workshop of Industrial Cybersecurity Incident Management

To be confirmed
Nivel profesionalProfessional level
Tactico Tactical, Operativo Operative
OrganizaciónOrganization
Propietario, operación y mantenimiento Owner, operation and maintenance, Ingenieria e integración Engineering and integration, Fabricante de tecnología Technology manufacturer , Equipo de gestión de incidentes Incidents management team, Respuesta a emergencias Emergencies response
Itinerario formativoLearning path
A, B, C
DuraciónDuration
6 hours
Nivel del programa de credencialesCredentials program level
Blanco White
ModalidadMode
Online
CupoCapacity
20
Tipo formaciónType
Calendario oficial CCI Official ICC Calendar

Con certificado de participaciónEnrolment certificate available

PreciosPrice

  • Oficial no Miembro CCIOfficial ICC non-member
    350,00 €
  • Miembro Individual BásicoBasic individual member
    300,00 €
  • Miembro Individual Profesional y Miembro Activo EnterpriseProfessional individual member & Active member enterprise
    250,00 €
  • Miembro Activo Plataformas y Miembro Activo SuscripciónActive member platforms & Active member suscription
    200,00 €

Más informaciónMore information
escuela@cci-es.org

The workshop is based on practical cases to learn how to understand and manage high impact cybersecurity incidents in an industrial automation and digitization environment. The ESCIM platform for high impact industrial cybersecurity incident scenarios will be applied in a practical way. The guide for the construction of an industrial cybersecurity operations and response center will also be used, which will form part of the material for this workshop. The variety of organizations involved and the impact of incidents that can occur in these environments is high, so this workshop will be an essential tool to prepare for the management of high-impact incidents in critical systems.

The training will take place in two sessions of 3 hours each, during which the teacher’s explanations must be followed live. At the end of the first session, attendees must individually carry out the proposed exercises, which will be solved and shared during the second session.

Reasons to attend:

  • Understand the attack vectors and the type of Incidents that an industrial organization may suffer.
  • Become familiar with the phases of incident management and the particularities of the organizations involved in an industrial environment.
  • Share with other professionals the important aspects that should be considered in the incident management of an automation and control environment.
  • Know the main controls that can be used to prevent, detect and respond to cybersecurity incidents in an OT environment.

Practical use cases will be presented and the risks of their installation with industrial automation / digitization will be identified and the students will participate in the process, as well as in cyber exercises to face high impact incidents following the stages of the response life cycle to an incident .

The technical capabilities necessary in an industrial SOC and how to notify according to regulatory requirements will be analyzed, showing the use case of NIS regulations.

ProgramaProgram
  • Identify the risks of an installation with industrial automation / digitization.
  • Incident response life cycle (Preparedness, detection, Containment, Recovery and post-incident)
  • Table-top exercise with a couple of scenarios where high-impact incidents will arise that must be addressed, both technically and organizationally.
  • Exercise to analyze necessary technical capacities and their correspondence in an industrial environment, both at the plant and SOC level.
  • Regulatory requirements (NIS regulatory case) and their adaptation from the incident management itself to the proper preparation of the notification.
  • Analysis of organizational needs to comply with regulations (NIS normative case)
RequisitosRequeriments

Basic notions of industrial environments: automation and industrial communications.

A quién va dirigidoWho is this course for
This workshop is aimed primarily at professionals from industrial organizations, Operation and Maintenance, Emergency Response, Engineering, IT / OT integrators, cybersecurity professionals, especially in incident response teams
DocumentaciónDocumentation
  • Guide for the construction of an industrial cybersecurity operations and response center (Market value  350€)
  • Workshop presentations
  • Access to the ESCIM Platform
  • Practical cases
HorarioTimetable
4:00 p.m. - 7:00 p.m. (Madrid-Spanish time)

Otros cursos