Cybersecurity Industrial Control Systems Engineer | SGInnovate

DATE: TBC

Location

TBC

Cybersecurity Industrial Control Systems Engineer

Presented by SGInnovate, Tegasus International & ST Engineering

Are you and your organisation ready to manage and respond to cyber-attacks?

Specially curated with Tegasus International and ST Engineering Cybersecurity Academy, SGInnovate presents a full spectrum of Cybersecurity Workshops in Operational Technology (OT) designed to get you and your organisation ready for impending security threats and vulnerabilities.

These OT courses are structured to align with the key pillars of the Singapore Cybersecurity Strategy. They will be tailored to the needs of those working in the 11 Critical Information Infrastructure (CII) sectors in Singapore.

Through this three-day workshop, you will gain a deeper understanding of the OT Cybersecurity ecosystem as we touch on concepts like embedded systems, protocols fundamentals, known vulnerabilities discovery, forensic investigation and process exploitation. You will also learn how to manage risks and threats to Industrial Control Systems (ICS), as well as the different types and stages of a cyber-attack.

There will be emphasis on real-world use cases as we utilise hands-on exercises that are incorporated with realistic scenarios built around operational cyber physical testbeds.

By the end of the course, you will be able to recognise the symptoms of an attack and identify which tools and techniques to investigate possible breaches into ICS. You should be able to demonstrate a multitude of cybersecurity techniques including vulnerability assessments, sensor disruption and defence-in-depth.

Workshop Overview:

In this course, participants will learn:

  • Basic Cyber Physical Systems (CPS)
  • Cyber risks and security vulnerabilities in CPS
  • Process Control Exploitation
  • Basic networking concepts necessary for active and passive network discovery
  • Network attacks and exploits: different stages of an attack
  • Network defence and incident response

Recommended Prerequisites:

  • Basic understanding of ICS, CPS or OT
  • Recommended for individuals in the Cybersecurity space for at least 2 years; or those who possess a strong interest in Operational Technology (OT) Cybersecurity 

Pre-Workshop Instructions:

  • You MUST bring your laptop to this workshop

Day 1 

Overview of Cyber Physical Systems (CPS)
Basic Cyber Physical Systems

  • Overview of CPS: Industrial Control Systems (ICS) with communication network
  • ICS basics including data flow and protocol
  • Hands-on exercise

Cyber Risk and Security Vulnerabilities in CPS

  • Cyber risks to ICS
  • Threat trends for control systems
  • Security Topics: Information Technology (IT) vs Operational Technology (OT)
  • Common vulnerabilities for control systems
  • Case studies: Real-life cyber-attacks
  • Demonstration

Process Control Exploitation

  • Overview of SWaT architecture and demonstration network layout
  • Static multiple point attacker paths and model
  • Demonstration

IT and OT Networks Discovery
Basic Networking Concepts 

  • IP address and basic networking
  • NEY and IANA
  • OSI 7-layer model 
  • Address Resolution Protocol (ARP), Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Internet Control Message Protocol (ICMP)
  • Protocol characteristics and relevant threats

Passive Discovery

  • Passive discovery vs active discovery
  • Intelligence gathering tools
  • Tools and techniques for passive discovery
  • Hands-on exercise

Day 2

IT and OT Networks Discovery
Active Discovery

  • Nmap 
  • Host Discovery in IT and OT
  • Port scanning and states in IT and OT
  • ICS challenges
  • Introduction to Nessus (vulnerability scanner)
  • Introduction to OpenCAS (Open Vulnerability Assessment System)
  • Exercise

CPS and Network Attacks and Exploits
The different stages of cyber-attacks

  • Attacker profiles, attack stages, tasks and consideration
  • System vulnerabilities and software vulnerability 
  • National vulnerability database CVSS
  • Exploit types 
  • Attack operations
  • Bypass network controls
  • Hands-on exercise

CPS Attack Surface 

  • Metasploit framework
  • Basic exploit process
  • Meterpreter: Useful commands
  • Hands-on exercise

Day 3

Network Defence and Incident Response
CPS Attack Surface

  • Hands-on exercise: Armitage on IT and OT Networks

Security Monitoring and Incident Response

  • Understanding defence-in-depth
  • Intrusion detection / protection system
  • Signature vs anomaly detection
  • Intrusion prevention systems (IPSs) vs Intrusion Detection Systems (IDSs)
  • Incident response plan for CPS 
  • Hands-on exercise 
  • Assessment

S$2,400/pax

For enquiries, please send an email to learning@sginnovate.com

Ivan Lee, Co-founder, Tegasus International

Across the globe, Ivan works with various strategic partners such as the NATO Cooperative Cyber Defence Centre of Excellence, US Department of Homeland Security ICS-CERT Idaho National Laboratory and local government agencies on key initiatives and training programmes. 

He started his career with Accenture, global top IT consulting MNC company and has assumed various tech-management roles in the telecommunication, cGMP and Operational Technology sectors regionally. He is currently the Deputy Director of Cyber Security Technologies in iTrust — a Centre for Research in Cybersecurity that was established by Ministry of Defence and Singapore University of Technology and Design. 

He is also a SUTD Academy Fellow and a member of the Coordinating Committee for Cybersecurity (CCCY) Subcommittee for Critical Information Infrastructure (CII). 

He has attended various professional training and acquired certifications as listed below:

  • Certified Information Systems Security Professional (CISSP)
  • US Department of Homeland Security ICS-CERT Industrial Control Systems (ICS) Cybersecurity (301)
  • Advanced Penetration Testing, Exploit Writing, Ethical Hacking (SANS)
  • Advanced Course on Darknet and Crypto Currencies
  • Hands-on Hardware Hacking and Reverse Engineering (Blackhat 2015)
  • Cybersecurity: Technology, Application and Policy (MIT Digital Program)
  • FORENSICS: Reverse-Engineering Malware (SANS)
  • Managing Successful Programmes (MSP) Practitioner, 2014
  • Introduction to Business Process Reengineering Workshop
  • Live Hacking & Information Security Masterclass
  • Self-Discovery Leadership
  • EC-Council Certified Security Analyst (ECSA), 2013
  • Certified Ethical Hacker (CEH), 2013
  • Project Management Professional (PMP)

Topics: Cybersecurity