The workshop is based on practical cases to learn how to understand and manage high impact cybersecurity incidents in an industrial automation and digitization environment. The ESCIM platform for high impact industrial cybersecurity incident scenarios will be applied in a practical way. The guide for the construction of an industrial cybersecurity operations and response center will also be used, which will form part of the material for this workshop. The variety of organizations involved and the impact of incidents that can occur in these environments is high, so this workshop will be an essential tool to prepare for the management of high-impact incidents in critical systems.
The training will take place in two sessions of 3 hours each, during which the teacher’s explanations must be followed live. At the end of the first session, attendees must individually carry out the proposed exercises, which will be solved and shared during the second session.
Reasons to attend:
- Understand the attack vectors and the type of Incidents that an industrial organization may suffer.
- Become familiar with the phases of incident management and the particularities of the organizations involved in an industrial environment.
- Share with other professionals the important aspects that should be considered in the incident management of an automation and control environment.
- Know the main controls that can be used to prevent, detect and respond to cybersecurity incidents in an OT environment.
Practical use cases will be presented and the risks of their installation with industrial automation / digitization will be identified and the students will participate in the process, as well as in cyber exercises to face high impact incidents following the stages of the response life cycle to an incident .
The technical capabilities necessary in an industrial SOC and how to notify according to regulatory requirements will be analyzed, showing the use case of NIS regulations.
This workshop is aimed primarily at professionals from industrial organizations, Operation and Maintenance, Emergency Response, Engineering, IT / OT integrators, cybersecurity professionals, especially in incident response teams
4:00 p.m. - 7:00 p.m. (Madrid-Spanish time)