Course curriculum

  • 1

    Chapter 0: Read before start

    • A Brief Overview of the Course

    • Skills and Career Opportunities (Results of the Course)

    • Goals and Objectives of the Course

    • Importance of the Course
  • 2

    SCADA Security 101 Intro

  • 3

    SCADA Security 101 the first phase

    • SCADA Security 101 the first phase part 1

    • WannaCry ransomware severely impacted the National Health Service (NHS) case study (please read carefully)

    • CrashOverride-01 (please read carefully)

    • The-Top-20-Cyberattacks for review only

    • One Flaw too Many_ Vulnerabilities in SCADA Systems - Security News - Trend Micro USA

    • Top-20-ICS-Attacks (please read carefully)

    • SCADA Security 101 the first phase part 2

    • SCADA Security 101 the first phase part 3

    • SCADA Security 101 the first phase part 4

    • OPC-UA-Security-Advise-EN report to read
  • 4

    Case Studies to read from OPC (A MUST READ for ALL)

    • SCADA Security 101 the first phase part 5

    • OPC_UA_SuccessStory_Transportation-Voestalpine-v1

    • OPC_UA_SuccessStory-OilGas-IntegrationObjects

    • OPC_UA-SuccessStory-Automotive-Kromberg-Schubert-v1

    • OPC-UA-SuccessStory-Food-Beverage-Weber-v1

    • OPC-UA-SuccessStory-SmartMetering-RegioIT-v1

    • OPC-UA-SuccessStory-WaterTreatment-ZWAV-v1

    • ProsysCaseNesteJacobsOPC

    • ProsysCaseNJ_NAPCON

    • SABIC_SAFCO_Case_Study_OwlCTI

    • Wellhead_Operation_Success_EFM_SWTB
  • 5

    SCADA Security 101 moving forward

    • SCADA Security 101 the first phase part 6

    • SCADA Security 101 the first phase part 7 Vulnerable Protocols within SCADA

    • SCADA Security 101 the first phase part 8 The role of Shodan, ICS CERT and beyond

    • SCADA Security 101 the first phase part 8 The role of Shodan, ICS CERT and beyond

    • Additional Reading Article. Common Malware Types_ Vulnerability Management 101 _ Veracode

    • Additional Reading Article. The Cyber Kill Chian

    • WannaCry ransomware used in widespread attacks all over the world _ Securelist

    • Additional Reading Article. What Is an Advanced Persistent Threat (APT)_ _ Kaspersky

    • Additional Reading Article. AShrivastava_ARP

    • Additional Reading Article. CRASHOVERRIDE_ The Malware That Attacks Power Grids

    • Additional Reading Article. HTTP_1.1_ Security Considerations

    • ICMP_ The Good, the Bad, and the Ugly _ by Drew Branch _ Independent Security Evaluators

    • Real risks of using file transfer protocol _ CIO Dive
  • 6

    Challenge Lab Installing CSET Tool (We will use this tool to perform Risk Assessments and create architectures of SCADA)

    • Installing CSET Tool for testing and learning

    • SCADA Security 101 the second phase part 1 CSET Tool walkthrough
  • 7

    SCADA Risk Factors

    • SCADA Security 101 the second phase part 2 SCADA Risk Factors

    • Cyber Threat Source Descriptions _ CISA

    • SCADA Security 101 the second phase part 3 vendor risk mgmt and ISO 27036 standard

    • ISO/IEC 27036:2013 for Vendor Risk Management

    • SCADA Security 101 the second phase part 4 PERA and CPWe Architecture review MUST read

    • CISCO Design document review MUST read

    • SCADA Security 101 the second phase part 5a Physical and Network Security within SCADA

    • integrated-enterprise document from CISCO (read if you can)

    • SCADA Security 101 the second phase part 5b Physical and Network Security within SCADA

    • How Network Segregation, Segmentation Can Stop Ransomware Attacks
  • 8

    SCADA Exam Set 1

    • SCADA Practice Exam Part 1
  • 9

    The role of SOC and NOC

    • SCADA Security 101 the second phase part 6a the role of SIEM, SOC and the NOC

    • SCADA Security 101 the second phase part 6b the role of SIEM, SOC and the NOC
  • 10

    SCADA Exam Set 2

    • SCADA Practice Exam Part 2
  • 11

    The Role of Computer Security within SCADA

    • SCADA Security 101 the second phase part 7 Computer Security and SCADA Context

    • SCADA Cyber Security _ Yokogawa Canada

    • Addressing SCADA Endpoint Protection Concerns _ Security

    • patch management
  • 12

    SCADA Exam Set 3

    • SCADA Practice Exam Part 3
  • 13

    The Role of Application Security within SCADA

    • SCADA Security 101 the second phase part 8 Application Security and SCADA Context

    • What is Application Whitelisting_

    • IoT, edge computing spawn new security issues

    • How to protect enterprise ICS networks with firewalls

    • Defending the internet of things at machine speed - IoT Agenda

    • Critical infrastructure firms urged to patch Schneider Electric flaws

    • Addressing SCADA Endpoint Protection Concerns _ Security

    • SCADA Security 101 the second phase part 8a Application Security and SCADA Context

    • Security Development Lifecycle (SDL) for ICS_SCADA Systems - Applied Risk

    • SCADA Security 101 the second phase part 8b Application Security and SCADA Context

    • Tofino Firewall LSM _ Tofino Industrial Security Solution

    • Cisco Industrial Security Appliance 3000 (ISA) - Cisco

    • Stratix 5950 Security Appliance _ Allen-Bradley

    • 7 Best Practices to harden SCADA networks security

    • IgnitionSecurityHardeningGuide-11-05-20
  • 14

    SCADA Exam Set 4

    • SCADA Practice Exam Part 4
  • 15

    SCADA Security Program Development The last Domain

    • SCADA Security 101 the second phase part 9 SCADA Security Program Development

    • SCADA Security 101 the second phase part 9a SCADA Security Program Development Final Class