Industrial Control Systems Evaluation (401L)

NOTE: 401V, ICS300, and ICS301 are NOT prerequisites for this course. The 401V course is identical in content to the 401L. The 401 course is offered in both in-person and online formats.

This instructor-led, three-day course provides hands-on training on how to analyze, evaluate, and document the cybersecurity posture of an organization’s industrial control systems (ICS) to identify recommended changes. Specifically, this course will utilize the Cyber Security Evaluation Tool (CSET^®), along with a simulated ICS scenario that teaches how to analyze cybersecurity weaknesses and threats, evaluate issues, document potential mitigations, and provide ongoing resolutions to strengthen the organization’s cybersecurity posture.

This course will also increase awareness of how a threat related to the ICS translates into a threat to business operations. Attendees will learn how most businesses have numerous support processes and systems controlled by, or otherwise dependent on, an ICS.

After completion of this course, attendees will have the basic skills necessary to conduct a self-evaluation of their organization’s ICS and deliver their recommendations to an upper-management audience. Attendees will have a tool (CSET^®) to evaluate cybersecurity posture at their workplace.

After attending this course, participants will be able to:

• Discuss components of an ICS evaluation.
• Identify assets within ICS networks.
• Determine ICS connectivity.
• Evaluate network monitoring capabilities.
• Discuss the use of wireless in ICS environments.
• Evaluate risk using open source intelligence and operations security methods.
• Evaluate risk from adversaries.
• Determine ICS dependencies.
• Assess supply risk.
• Evaluate risk management and mitigation approaches.

Prerequisites

Participants should have a basic understanding of cybersecurity in an ICS environment. Suggested prerequisite courses for the 401 courses are:

• 100W Cybersecurity Practices for Industrial Control Systems
• 210W-03 Common ICS Components
• 210W-05 ICS Cybersecurity Risk or ICS Cybersecurity Landscape for Managers

Who Should Attend

Individuals who are responsible for evaluating or assessing the cybersecurity posture of critical infrastructure. This could include any number of specific roles and responsibilities, such as cybersecurity management and risk management personnel, information technology (IT) and operational technology (OT) security personnel, and IT and OT managers.

Logistics

This course is presented at a facility in Idaho Falls, Idaho, USA, configured specifically for the aspects of the course. Upcoming courses can be found on the ICS Training Calendar.

This course is accredited by the International Accreditors for Continuing Education and Training, and attendees will be awarded continuing education units (CEUs) and receive a certificate upon completion of the sessions and a passing score of 80% or above on the end-of-course exam. 

There is no tuition cost to attend this training.

To ask a question or provide other feedback on ICS training, contact us at ICStraining@inl.gov.