|
Cybersecuring Control Systems Workshops
Internet-enabled control systems provide critical services that allow a facilities to meet the functional and operational needs. However, once installed, many of these systems have minimal protections to keep hackers out.
Smart Cities, Smart Buildings, Smart Cars and the Internet of Things continues to evolve at a rapid pace. Yet, with this increasing reliance on operational technology, very few people are aware of the potential threats from hackers and others with malicious intent. In a world where companies and individuals are increasingly at risk of having their personal data and assets compromised, it is imperative that control system owners also protect their properties and systems from cyber threats and potential harm.
All Workshops are led by Michael Chipley of The PMC Group LLC and are held quaterly in the Washington, D.C. metropolitan area, or can be presented at client sites. For each workshop, attendees will need a laptop with administrative privileges to load software. They will receive the course content, tools and lab exercises on a CD at the beginning of the course.
Seating for each workshop is limited to 20 students per day. Click on the workshop title for the desired dates to register.
Introduction to Cybersecuring Building Control Systems Workshop
This Workshop is geared to those professionals new to the world of building cybersecurity. This workshop provides a combination of classroom learning modules to teach control system basics, protocols, how to use the information assurance risk management framework and hands-on laboratory exercises using tools and methods such as the DHS Cybersecurity Evaluation Tool (CSET) to inventory, diagram, identify, attack, defend, contain, eradicate and report a cyber event.
Client Sites: Call or email to schedule at client sites
Workshop Fee: $400
Workbook Only: $100
Register to attend.
Advanced Cybersecuring Building Control Systems Workshop
This Workshop is geared towards building and information assurance professionals who have experience in IT or control systems cybersecurity but need to learn how to apply those skills to building control systems. This workshop provides a more technical, in-depth training solution geared towards developing security professionals with the ability to approach security with an attacker mentality. This includes understanding and practicing hacker and defender techniques for footprinting, scanning and enumeration, exploitation, post exploitation, containment and eradication, and reporting. Attendees will use Kali Linux and other exploit tools to gain entrance into the control system, pivot through the network, establish beacon command and control channels, modify logs to mask presence and exfiltrate data. Attendees will then contain and eradicate the exploit and prepare artifacts, event logs and develop an incident report.
Client Sites: Call or email to schedule at client sites
Workshop Fee: $400
Workbook Only: $100
Register to attend.
Both the introductory and advanced workshops are built around key federal guidelines that have come out in recent years, including:
- Executive Order 13636—Improving Critical Infrastructure Cybersecurity (Issued February 19, 2013)
- National Institute of Standards and Technology (NIST) Cybersecurity Risk Management Framework (Issued February 12, 2014)
- NIST Special Publication (SP) 800-82 Rev. 2 Industrial Control Systems Security Guide (Issued May 2015
- U.S. Department of Homeland Security (DHS) Interagency Security Committee "Securing Government Assets through Combined Traditional Security and Information Technology" White Paper (Issued February 2015)
Cybersecuring DoD Control Systems Workshop
This Workshop is designed to support the U.S. Department of Defense (DoD) facility managers and other facilities-related personnel to better prepare against cyber threats. It is geared to help architects, engineers, contractors, owners, facility managers, maintenance engineers, physical security specialists, information assurance professionals—essentially anyone involved with implementing cybersecurity in the facility life cycle—to learn the best practice techniques to better protect DoD facilities.
Client Sites: Call or email to schedule at client sites
Workshop Fee: $400
Workbook Only: $100
Register to attend.
Your Building Control Systems Have Been Hacked, Now What?
Tactics, Techniques and Procedures Workshop
This Workshop is intended for building owners, facility managers, engineering, physical security, information assurance and other professionals involved with the design, deployment and operation of building control systems. It will provide a combination of classroom learning modules and hands-on laboratory exercises to learn how to detect, contain, eradicate and recover from a cyber event. It is built around the Advanced Control System Tactics, Techniques and Procedures (TTPs) developed by the U.S. Cyber Command (USCYBERCOM). Attendees will use the Cyber Security Evaluation Tool (CSET), GrassMarlin, Glasswire and Belarc tools to create a fully mission-capable (FMC) baseline, conduct footprinting and learn how to find building control systems exposed on the internet using Google Hacking, Shodan and WhiteScope discovery tools. They will build a Recovery Jump-Kit, use it to find and eradicate the malware using tools such as MalwareBytes and the Microsoft Internals suite, and learn how to perform data collection for forensics. Lastly, attendees will evaluate the cyber severity of the incident and prepare an incident report.
Client Sites: Call or email to schedule at client sites
Workshop Fee: $400
Workbook Only: $100
Register to attend.
Cybersecuring Control Systems
The Cybersecuring Control Systems Workshop is geared to help architects, engineers, contractors, owners, facility managers, maintenance engineers, physical security specialists, information assurance professionals—essentially anyone involved with implementing cybersecurity in the Control System (CS) life cycle—to learn the best practice techniques to better protect their CS.
The workshop provides a combination of classroom learning modules to teach control system basics, protocols, how to use the NIST Risk Management Framework and the Cybersecurity of Facility-Related Control Systems Design Guidance, and hands-on laboratory exercises using tools and methods to inventory, diagram, identify, attack, defend, contain, eradicate and report a cyber event/incident. This includes understanding and practicing hacker and defender techniques for footprinting, scanning and enumeration, exploitation, and post exploitation clean up and maintain persistence. Attendees will see how hackers use exploit tools to gain entrance into the control system, pivot through the network, establish beacon command and control channels, modify logs to mask presence, and exfiltrate data. Attendees will also learn how to use the Advanced Control System Tactics, Techniques, and Procedures (TTPs) developed by the U.S. Cyber Command (USCYBERCOM) to create a Recovery Jump-Kit to find and eradicate malware and exploits using tools such as MalwareBytes, Microsoft Internals Suite, and OSForensics to perform data collection for forensics.
Workshop Overview
0800-0900 Unit 1 Overview of Control Systems, Networking and Communication Protocols, NIST/SANS/ISA/ISSO Standards & Drivers
0900-1015 Unit 2 Hacker Methodology
1015-1030 Break
1030-1115 Unit 3 UFC 4-010-06 Cybersecurity of Facility-Related Control Systems
1115-1200 Unit 4 Overview of ICS-CERT CSET tool
1200-1300 Lunch
1300-1330 Unit 5 Advanced Control System Tactics, Techniques, and Procedures
1330-1400 Unit 6 Control System Forensics
1400-1430 Unit 7 Acquisition and Procurement Language for Control Systems, Wrap Up Q&A
Client Sites: Call or email to schedule at client sites
Workshop Fee: $400
Workbook Only: $100
Register to attend.
|