Untitled design 18

Certified Lead SCADA Security Manager

Cybersecurity leader specializing in protecting industrial control systems and SCADA environments. Expert in risk assessment, incident response, IEC 62443/NERC CIP compliance, and OT/IT integration. Ensures availability and integrity of critical infrastructure across energy, water, and manufacturing sectors.

Category:

After successful completion of the training course, you will be able to:

  • Understand and explain the purpose and risks to SCADA systems, Distributed Control Systems and Programmable Logic Controllers
  • Understand the risks faced by these environments and the appropriate approaches to manage such risks
  • Develop the expertise to support a pro-active SCADA Security program, including policies and vulnerability management
  • Define and design network architecture incorporating defense in advanced security controls for SCADA
  • Explain the relationship between management, operational and technical controls in a SCADA Security program
  • Improve the ability to design resilient and high availability SCADA systems
  • Learn how to manage a program of effective security testing activities

A fundamental understanding of SCADA Security.

  • Security professionals interested in acquiring SCADA security professional skills
  • IT professionals looking to enhance their technical skills and knowledge
  • IT and Risk Managers seeking a more detailed understanding of ICS and SCADA systems
  • SCADA IT professionals
  • Different SCADA Systems and their purposes
  • Operations of ICS Systems
  • Main industry standards related to SCADA and SCADA Security
  • Basic working elements of ICS control and network components
  • Differences and characteristics of DCS, PLCs and SCADA Systems
  • How SCADA Systems are interdependent between industries and the relevant security issues
  • Future trends and developments in SCADA Security
  • Common ICS security risks
  • Techniques for identifying and assessing threats
  • Common threats to SCADA environments
  • Common vulnerabilities in SCADA environments
  • Different types of vulnerabilities faced in SCADA environments
  • Risk assessment processes and methodologies used to assess SCADA environments
  • Exercising and testing
  • Attack vectors which are commonly used against SCADA environments
  • Previous incidents and the techniques used along with vulnerabilities exploited
  • Main project management concepts, terminology, process and best practice as described in ISO 10006
  • Principal approaches and methodology frameworks to implement a security program
  • Main concepts and terminology related to organizations
  • Organization's external and internal environment
  • Main interested parties related to an organization and their characteristics
  • Techniques to gather information necessary to design the security program
  • Differences between and the purposes of policies, procedures, standards and guidelines
  • Vulnerability management techniques and tools and their deployment in a SCADA environment
  • Security awareness raising techniques and their application
  • Techniques used to measure the performance of programs and security controls
  • Firewall technology and its deployment in SCADA environments
  • Network design principles and methods for network segregation that can be applied
  • Common network protocols including but not limited to DNS, HTTP, FTP, Telnet, SMTP, SNMP and DCOM and the associated security issues
  • SCADA and industrial protocols including how they work and the associated security issues
  • Network design principles including resilience and single points of failure
  • Remote access technologies and techniques and the associated security vulnerabilities
  • Principles of management, operational and technical controls
  • Techniques and controls to be used surrounding third party and supplier management
  • Common physical security controls used in SCADA environments
  • Common personnel security controls used in SCADA environments
  • Identity and access management controls that can be applied in a SCADA environment
  • Audit and log management techniques and technologies that can be used in SCADA environments
  • Failure points in SCADA systems, design and architectures
  • Controls and solutions available to aid system resilience
  • Techniques that can be used to test resilience controls
  • Differences and linkages between security incident management, business continuity and disaster recovery
  • Disaster recovery planning process and the fundamental elements of a disaster recovery plan
  • Relationship between business continuity and disaster recovery
  • Testing strategies for business continuity, disaster recovery and incident management and how to perform such tests
  • Principal approaches and methodology frameworks to implement a testing framework
  • Organization's external and internal environment
  • Techniques to gather information necessary to develop a scope and plan
  • Characteristics of a security testing scope
  • Analysis techniques to analyze information which has been collected
  • Risk management and how to analyze the associated risk level of a finding
  • Reporting techniques and styles
  • Communication techniques
Length of exam 180 minutes
Number of questions 150 questions
Question format Multiple-Choice questions
Passing grade 70% (105 out of 150)
Languages English
Testing center Online Proctoring or Authorized PECB Exam Centre

Description

The Lead SCADA Security Manager training enables you to develop the necessary expertise to plan, design, and implement an effective program to protect SCADA systems. In addition, you will be able to understand common Industrial Control System (ICS) threats, vulnerabilities, risks related to the Industrial Control Systems (ICS) and techniques used to manage these risks. This training focuses on several aspects of security management and skills related to SCADA/ICS security.

 

Related Courses