Course

Operational Technology Cyber Security

Time limit: 120 days

$6,000 Enrol

Full course description

About this course

Welcome to this course on Operational Technology (OT) Security. This hands-on course will give you the opportunity to practice using tools, techniques, and methodologies to secure OT systems. You will complete penetration testing (pentesting) activities to identify, exploit and patch vulnerabilities in OT hardware using Kali and other open-source tools. We will also guide your development of a robust risk management approach in line with industry best practice.

This course focuses on a topic area that is far less prevalent than others for learners of Information Technology (IT) Security. 

Delivery Mode

Delivered online in self-paced mode, you will have 120 days from the time of your purchase to complete the training. As this is an online self-paced course there is no requirement to attend any live sessions. You can access and complete the online course 24/7 during your access.  After the 120 days you will lose access to the course.

Start Anytime
Access the course straight away
11 Modules
120 days to complete
Online
Self-paced learning
6000
Pay Now / Start Now

Course Snapshot

What are the course learning outcomes?

The course has been developed to help you achieve specific learning outcomes. Working through the content, activities and assessment tasks will help you:

  • Understand key security requirements based on design elements of OT systems.
  • Implement a secure SCADA environment based on industry best-practice. 
  • Determine and apply effective penetration testing techniques to discover threats and mitigate vulnerabilities in Operational Technology (OT) systems.
  • Devise and justify a cyber attack incident response plan in line with industry standards.
  • Analyse and apply cyber security standards, frameworks, and regulations to improve the security posture of OT systems.
  • Incorporate and evaluate cybersecurity controls in an OT environment in line with the well-known NIST cybersecurity framework
What core topics are offered?

Each module in the course is concluded with an ungraded practical activity. Many of the activities build on previous ones. It is critical that you complete all activities sequentially in order to maximise your chances of achieving a good outcome from the course. Skipping or missing an activity, or completing an activity incorrectly, means there is a significant risk that subsequent activities will not work as intended. This may impact on your ability to successfully complete assessments.

We may not always provide step by step instructions on how to complete an activity, but self-check solutions are provided with every activity so that you can check your results.

You will have significant opportunity for hands-on practice by building a test lab to enable practical exploration of tactics, techniques, and procedures. A "starter lab" (explained in detail later) will help you to develop solid foundational knowledge of the workings and security of OT.

You will be using Factory I/O to practice real-world control tasks for the purpose of OT security assessment and application. Watch this video to see what you can do in Factory I/O:

Who is this course suited to?

In order to get the most out of this course, you should have basic prior understanding and working knowledge of industrial control systems, computer networking, and cyber security.

The activities and assessment in this course will require you to use virtual box as a hypervisor to install VMs. We assume that you have fundamental knowledge of LINUX OS. If you are new to LINUX OS or using it first time, we recommend that you first complete the LINUX and Networking Basics short course. 

If you are interested in security analysis of OT systems, and you have basic knowledge of cybersecurity and OT (cyber-physical system or industrial control systems), then this is the right place for you!

What are the course credentials?

Earn a digital badge upon completion. Learners may also claim credit towards a Master of Cyber Security for the 7016ICT Cyber Security of Critical Infrastructure Course.

What does my course schedule look like?

We recognise that everyone learns at a different pace, and it may take you less or more time depending on your previous knowledge and experience. While there is no set timetable with this course, a study plan or schedule (provided below) is a valuable tool to help manage your time, stay motivated and ensure that all content, activities and assessment are covered.
 

Recommended completion schedule:

Module Assessment
1  Introduction to operational technology security  
2  Control systems and operations  
3  Industrial network protocols: S7, Modbus, DNP and EIP  
4  Industrial communication technologies: OPC, CAN and Zigbee  
5  Identify, Protect, and Detect  
6  OT threat hunting  
  Assessment 1: Set up a Secure OT network
7  Detect: Pentesting ICS environments  
8  Detect: Pentesting - Attacking the OT infrastructure  
  Assessment 2: Pentesting an Industrial Environment
9  Response and Recovery  
10 Identify: Governance and compliance  
11 Identify: OT Risk Management and Security Controls  
  Assessment 3: Industry Compliance Reporting
Who are the course facilitators?

Professor Ernest Foo

Professor, School of Information and Communication Technology

Griffith University Profile  

Dr. Mukhtar Hussain

Research Fellow, School of Information and Communication Technology

Griffith University Profile