What to expectThe OT course is a combination of lectures and hands-on cyber exercises with industrial control systems and physical protection systems. There will be a morning break, lunch break, and an afternoon break during each day.
Who should attend?
- Security operation center staff
- Incident responders
- Reverse engineers
- Software engineers
- IT Staff responsible for operational technology or coordinating with OT/operations staff
- Cybersecurity staff with some responsibility for OT systems
- Operations staff who are responsible for OT/ICS/process systems
- Managers responsible for coordinating incident response, training, or who have an interest in how OT cybersecurity could fit into your organizational construct
Is this the right class for me?If you are unfamiliar with operational technology, this course will provide you with a baseline knowledge of cybersecurity topics related to OT. If you are familiar with OT, this course will provide you with hands-on exercises that allow you to interact with key ICS devices in a way that will bolster your knowledge around related cybersecurity topics.
- We will provide enough equipment to allow small groups to work together to complete the exercises.
- If you have a laptop with internet access and a Kali Linux OS and would like to bring it, please do.
- Instructions to be announced
What do I need to know?
Familiarity with IT cybersecurity topics will be helpful.
When should I arrive?
Please arrive before class begins. Class schedules should be available through the Cyber Fire website or information packet you received prior to attending.
Laptop configuration help is offered at Cyber Fire Foundry on Sunday evening before the event. Please visit the registration desk before coming to class.
Time outside of class
We will take coffee and lunch breaks as described in the printed Foundry schedule. We will make sure the room is locked or under observation from staff during lunch, but we are not responsible for the safety of anything you leave in the room. Lunch is usually on your own unless otherwise listed on the schedule.
Networking with peers is useful for the puzzle contest held after this course and making contacts outside your organization proves useful to many people after they return to work. Breaks during classes provide good opportunities to meet new people. Social events are usually held in the evenings once or twice during the week.
Course to take next
Host Forensics, Incident Coordination, or Malware Analysis.