Course Objectives:

By the end of this training, participants will be able to:

1. Introduction to OT Security & System Hardening

• Understand the unique security challenges in OT environments.
• Differentiate between IT and OT security requirements.
• Learn about common threats such as malware, unauthorized access, and zero-day vulnerabilities.

2. OS Hardening Fundamentals

• Define operating system (OS) hardening and its importance in OT.
• Identify key principles of system security, including least privilege and defense-in-depth.
• Understand the impact of unpatched vulnerabilities on OT systems.

3. Hardening Windows-Based OT Systems

• Secure user accounts and privileges (Role-Based Access Control - RBAC).
• Disable unnecessary services and ports.
• Implement Group Policy settings for security enhancement.
• Apply security updates and patch management strategies.

4. Hardening Linux-Based OT Systems

• Configure user access and privileges securely.
• Disable unused services and network daemons.
• Implement Secure Shell (SSH) hardening and firewall settings.
• Enable auditing and logging for security monitoring.

5. Network Security & Segmentation

• Implement firewall rules and access control lists (ACLs).
• Understand network segmentation (ISA/IEC 62443, Purdue Model).
• Apply secure remote access techniques (VPNs, jump servers).
• Protect against unauthorized network access and intrusion.

6. Secure Authentication & Access Controls

• Implement Multi-Factor Authentication (MFA) for OT systems.
• Secure Active Directory integration for centralized access control.
• Use hardened credentials and password management policies.

7. Patch Management & Vulnerability Assessment

• Develop a patching strategy for OT environments.
• Conduct risk-based vulnerability assessments.
• Apply compensating controls when patching is not feasible.

8. Security Monitoring & Incident Response

• Set up system logging and auditing mechanisms.
• Use Security Information and Event Management (SIEM) tools for OT monitoring.
• Develop an incident response plan for OS-related security breaches.

9. Compliance & Regulatory Considerations

• Understand key OT security frameworks (NIST CSF, IEC 62443, NERC CIP).
• Ensure compliance with industry regulations and cybersecurity best practices.
• Conduct security audits and documentation for compliance tracking.

Target Audience

This training is designed for professionals responsible for securing OT environments, ensuring system integrity, and protecting critical infrastructure. The target audience includes:

• OT Cybersecurity Engineers
• IT/OT Network Security Specialists
• Industrial Control System (ICS) Security Professionals

• OT System Administrators (Windows & Linux)
• ICS/SCADA Engineers
• Process Automation Engineers

• Control System Technicians
• Plant IT & OT Support Staff
• Maintenance Engineers

• Industrial Security & Risk Analysts
• HSE & Regulatory Compliance Officers
• Audit & Governance Teams