Escuela Professional School
T06. Workshop of Industrial Cybersecurity Incident Management
Con certificado de participaciónEnrolment certificate available
PreciosPrice:
- Oficial no Miembro CCIOfficial ICC non-member 400,00 €
- BásicoBasic 360,00 €
- Profesional y EnterpriseProfessional & Enterprise 340,00 €
- PlataformasPlatforms 320,00 €
- SuscripciónSuscription 300,00 €
escuela@cci-es.org
The workshop is based on practical cases to learn how to understand and manage high impact cybersecurity incidents in an industrial automation and digitization environment. The ESCIM platform for high impact industrial cybersecurity incident scenarios will be applied in a practical way. The guide for the construction of an industrial cybersecurity operations and response center will also be used, which will form part of the material for this workshop. The variety of organizations involved and the impact of incidents that can occur in these environments is high, so this workshop will be an essential tool to prepare for the management of high-impact incidents in critical systems.
The training will take place in two sessions of 3 hours each, during which the teacher’s explanations must be followed live. At the end of the first session, attendees must individually carry out the proposed exercises, which will be solved and shared during the second session.
Reasons to attend:
- Understand the attack vectors and the type of Incidents that an industrial organization may suffer.
- Become familiar with the phases of incident management and the particularities of the organizations involved in an industrial environment.
- Share with other professionals the important aspects that should be considered in the incident management of an automation and control environment.
- Know the main controls that can be used to prevent, detect and respond to cybersecurity incidents in an OT environment.
Practical use cases will be presented and the risks of their installation with industrial automation / digitization will be identified and the students will participate in the process, as well as in cyber exercises to face high impact incidents following the stages of the response life cycle to an incident .
The technical capabilities necessary in an industrial SOC and how to notify according to regulatory requirements will be analyzed, showing the use case of NIS regulations.
ProgramaProgram
- Identify the risks of an installation with industrial automation / digitization.
- Incident response life cycle (Preparedness, detection, Containment, Recovery and post-incident)
- Table-top exercise with a couple of scenarios where high-impact incidents will arise that must be addressed, both technically and organizationally.
- Exercise to analyze necessary technical capacities and their correspondence in an industrial environment, both at the plant and SOC level.
- Regulatory requirements (NIS regulatory case) and their adaptation from the incident management itself to the proper preparation of the notification.
- Analysis of organizational needs to comply with regulations (NIS normative case)
RequisitosRequeriments
Basic notions of industrial environments: automation and industrial communications.
A quién va dirigidoWho is this course for
DocumentaciónDocumentation
- Guide for the construction of an industrial cybersecurity operations and response center (Market value 350€)
- Workshop presentations
- Access to the ESCIM Platform
- Practical cases
