The ICS Security Incident Response Fundamentals course has been designed to provide those at Practitioner or equivalent level with an understanding of the current cyber incident response challenges facing their ICS environments. This includes an understanding of what an Incident is and how this approach may differ in an ICS Environment. This would also benefit those participating in or engaging with an ICS Incident Response team for the first time. This knowledge is vital when managing the day to day running of all aspects of security incident response for those environments.
This course will show students how to best protect and support their organisations cyber incident response process and provide an understanding of the stages of the IR process, including the information required to be able to create an effective IR plan (based upon the ICS4ICS processes). Template plans will be provided for student to complete and take away.
Siker have worked in partnership with the UK’s National Cyber Security Centre (NCSC) and the Centre for the Protection of National Infrastructure (CPNI) as well as leading Critical National Infrastructure companies to produce this short course.
Anyone new to cyber security in an ICS Incident Response environment Non-ICS staff who need to understand ICS terminology and how it differs from their current roles.
If you are a professional working in an ICS environment including:
There are no pre-requisites for this course and a laptop is not required. In addition, a course exercise handbook and ICS Continuity Plan template is provided.
We want staff who may be called in to help resolve a cyber incident to understand what it is they are walking into. This will help calm the panic and provide a swifter response to the incident which, in turn, leads to a quicker return to normal operations. This includes:
The course consists of 2 day classroom training.
Session 1: Introduction to the Incident Handling Process
Session 2: Preparation
Session 3: Identification
Session 4: Containment
Session 5: Eradication
Session 6: Recovery
Session 7: Lessons Learned
This course is a Foundation level course, but it can also be used as preparation for more advanced training such as the Siker ICS405: Securing ICS and Siker ACT310: Incident Handling courses.
Attendees who require to record CPE credits e.g. (ISC)2, ISACA, IET etc. can receive 12 CPE credits for attending the course. Individuals are responsible for entering accurate membership or ID numbers upon registration to ensure relevant details are included on course certificates.