What you'll learn

Learn concepts for building a secure SCADA from Cybersecurity point of view

Define Zero Trust objective and implementation

Detail on how to secure the network to overcome risks that nobody wants in SCADA and ITOT

Examples and practices will help achieve world wide standard of security and compliance

Requirements

This is designed for at least basic skilled understanding of network, operating systems, cyber security concepts

Description

In this course, I will give an overview on how to design and implement highly secure SCADA platforms. This course can be a good start point for beginners and also I hope will be interesting to follow even for experts in the field. The theory from this course will surely need adaptation over time while new threats will appear.The course follows zero trust techniques that I am also using in my daily activities. They are very important because older frameworks which contains even methods like just unplugging cable and considering it more secure. methods that was proven in practice to be a really bad one.This course is intended to share the knowledge I gathered in many years of experience. I will happily accept discussions invites and debates and maybe they will me and also this course to improve while we all improve the security of our systems.This will not be the definite containing all and have the direct and proven path to success. I can't say enough, cyber security needs to evolve over time at same rate or better than vulnerabilities evolves. Our lives start to depend more end more on IT and OT is just a part that usually we don't easily see with our own eyes but believe me, you don't want an OT system to be hacked and used in malicious activities.

Overview

Section 1: Introduction

Lecture 1 Introduction and About me, the trainer

Section 2: Introduction on SCADA and why Cyber Security topic is so important

Lecture 2 Overview on SCADA and Cyber Security

Lecture 3 Components of SCADA platform

Lecture 4 SCADA vs ITOT

Lecture 5 Standards

Section 3: Basic concepts when you plan the design of an ITOT

Lecture 6 Basic concepts when you plan the design of an ITOT

Lecture 7 Redundancy

Lecture 8 Single point of failure examples

Lecture 9 How to use maintenance windows for redundant units

Section 4: Cyber Security for a SCADA system

Lecture 10 CIA Triad

Lecture 11 Zero trust and defense in depth

Lecture 12 Least privilege - using LDAP and Active Directory

Lecture 13 Multi-factor authentication (MFA)

Lecture 14 Endpoints

Lecture 15 802.1x Network Protocol

Lecture 16 Network access control

Lecture 17 Defense-in-depth

Lecture 18 Encryption

Section 5: Computer Network Design and Considerations

Lecture 19 Network Segmentation

Lecture 20 Segmentation Based on Role

Lecture 21 Segmentation Based on Risk

Lecture 22 Computer Network Switches

Lecture 23 Computer Network Firewalls

Lecture 24 IPS/IDS

Lecture 25 Encryption

Lecture 26 Remote Access

Lecture 27 VPN and Corporate Access

Lecture 28 Remote Devices and Industrial Communication Protocols

Section 6: Servers and Other Infrastructure

Lecture 29 Physical servers

Lecture 30 Cloud servers

Lecture 31 Virtualization layer

Lecture 32 Operating Systems

Lecture 33 Other Infrastructure

Section 7: Securing The Platform

Lecture 34 Defense In Depth

Lecture 35 Patching

Lecture 36 Fighting Malware

Lecture 37 Out Of Band Connections

Lecture 38 Centralized Management and Control

Lecture 39 Securing Common Network Protocols

Lecture 40 Vulnerability Testing and Assessment

Section 8: Logging and monitoring

Lecture 41 Monitoring

Lecture 42 Asset Management and Inventory

Lecture 43 Syslog

Section 9: Data Analysis

Lecture 44 Mirror Traffic and Network Taps

Lecture 45 NetFLOW and SFLOW

Lecture 46 Decrypting traffic for analysis

Lecture 47 SIEM

Section 10: Platform Backup

Lecture 48 Platform Backup

Section 11: Best Practices

Lecture 49 Sandboxing

Lecture 50 Air Gapped Systems

Lecture 51 PKI and Certification Authorities

Lecture 52 Physical Security

Lecture 53 Procedures and Protocols

Section 12: Closing Thoughts

Lecture 54 This is Just the Beginning

Engineers, Network and Infrastructure, System and Operations, Managers, Architects