SCADA Security Training

This week I’m teaching our updated three-day course on Control System Security for Control System Engineers for a client. One thing I learned from my experience teaching at Infosec Institute more than five years ago is that it is very hard to make an interesting course for both IT Security types and ICS types. So this course is just for the operations types who need to learn the basics of IT Security and how it can be applied to SCADA and DCS.

There is a different five-day course on Control System Security for the IT Security Professionals. These attendees understand IT Security, but have to learn what control systems are and how IT Security must be applied differently to these systems.

There are in fact a number of high quality ICS Security Courses available now:

  • Infosec Institute still offers a 5-day course, SCADA Security: SEC-325. This was the course I initiated, but it has been substantially updated and improved by the current teacher, Joel Langill, @scadahacker. Knowing Joel, my guess is the labs are a highlight of this course. They have a test and related certificate CSSA, but I have yet to see that certificate gain any recognition.
  • Joe Cummins and Jonathan Pollet teach a 5-day Advanced SCADA Security course, most often in conjunction with SANS SCADA Security Summits. This course does quite a bit of hands-on penetration testing and exploit modules. Jonathan has also partnered with Tom Parker of Securicon to teach a 2-day course at Blackhat this year.
  • ISA offers a 5-day course, TS13 – Advanced Industrial Cyber Security. I don’t have any info on this course besides what is available on the web page. Who created and who is teaching this course?
  • INL on behalf of DHS teaches their Red Team / Blue Team week-long course officially titled, Industrial Control Systems Cybersecurity Advanced Training. As covered often on this blog, the Red / Blue course gets almost universal rave reviews. It also is something that is unique in that they have a large number of realistic control system components for the exercise … so this could be viewed as something not competing with industry … whereas
  • INL on behalf of DHS teaches two 1-day courses in conjunction with many ICS security events. They are Introduction to Cyber Security for Control Systems and Intermediate SCADA Security. The courses are free. Of course, since the National Labs are not supposed to compete with private industry these courses should have been retired or spun out to industry long ago. At least charge for it to make it a fair competition.

NESCO and a number of others offer occasional ICS security training courses. So there are a growing number of high quality options available now. Add to that Mike Assante’s NBISE beginning to gear up to certify ICS security professionals, and it looks like there is plenty of supply. Will there be demand?

Image by James Sarmiento