Name: ICS/OT Cybersecurity as per NIST 800-82 Updated - Part1
Rating: 4.4 (163 reviews)

Udemy Business

Teach on Udemy

Turn what you know into an opportunity and reach millions around the world.

Learn More

Your cart is empty.

Keep shopping

Created bySourabh Suman

Last updated 5/2024

English

What you'll learn

About NIST 800-82
NIST 800-82 complete explanation
OT security risk management .
Guidance on applying the Cybersecurity Framework to OT systems
Applying the Risk Management Framework to OT systems
Defense in Depth Architecture
OT Security capabilities and tools
Development and deployment of an OT cybersecurity program

Course content

8 sections • 97 lectures • 4h 35m total length

Introduction2:58
Contents of course and what we will learn in this course!

OT Based system and their interdependencies1:36
Will learn about types of OT systems and there interdependencies, also will see one use case of interdependent system.
SCADA Systems9:08
About basic network and communication of SCADA systems.
Distributed Control Systems4:14
This chapter includes details of DCS and its basic communication architecture.
Programmable Logic Controller Based Topologies3:21
This chapter includes details of PLC and its basic communication architecture.
Building Automation Systems3:44
This chapter includes details of BACS and its basic communication architecture.
Physical Access Control Systems4:07
This chapter includes details of physical access control system and its basic communication architecture.
Safety Systems6:30
In this chapter we will learn about SIS and Safety Systems
Industrial Internet of Things12:39
This chapter includes details of IIOT and its basic communication architecture.
Quiz 1

OT Cybersecurity Program Development3:23
To mitigate cybersecurity risk to their OT systems, organizations need to develop and deploy an OT cybersecurity program. We will learn bout program.
Establish Charter for OT Cybersecurity program1:49
A charter for a cybersecurity program is a plain-language high-level description that establishes clear ownership and accountability for protecting the OT resources . We will learn about charter.
Benefits of OT Cybersecurity Program2:37
What are benefits of cybersecurity program? Lets learn!
OT Cybersecurity Program Content3:50
Learn about contents of a cybersecurity program.
Cybersecurity Program Implementation Team4:38
OT Cybersecurity Strategy4:14

Managing OT Security Risk4:28
The risk management process and framework outlined in this section can be applied to managing safety, information security, and cyber supply chain risk. Lets learn about it.
Framing OT Risk10:43
We will learn about framing cybersecurity risk!
Assessing Risk12:35
We will learn about the assessing risk.
Responding to Risk6:54
How to respond the cybersecurity incident, that we will learn in this chapter.
Monitoring Risk7:18
Applying Risk Management Framework3:51
In this chapter we will learn about application of risk management in the OT cybersecurity enviroment.

Prepare2:51
Lets see what is prepare pahse!
P-1: Risk Management Roles1:53
P-2: Risk Management Strategy1:22
P-3: Risk Assessment — Organization0:48
P-4: Organizationally Tailored Control Baselines And Cybersecurity Framework1:00
P-5: Common Control Identification1:16
P-6: Impact-Level Prioritization1:31
P-7: Continuous Monitoring Strategy – Organization0:54
P-8: Mission Or Business Focus2:23
P-9: System Stakeholders1:59
P-10: Asset Identification1:34
Task P-11: Authorization Boundary1:50
P-12: Information Types2:08
P-13: Information Life Cycle2:25
P-14: Risk Assessment – System1:16
P-15: Requirements Definition1:05
P-16: Enterprise Architecture1:32
P-17: Requirements Allocation2:07
P-18: System Registration1:11
Categorize2:48
Now once we are prepared , lets move to categorize!!
Task C-1: System Description0:36
Task C-2: Security Categorization2:12
Task C-3: Security Categorization Review And Approval1:00
Select3:37
Time to select the initial set of cybersecurity controls for implementation in the OT enviroment
Task S-1: Control Selection2:09
Task S-2: Control Tailoring1:52
Task S-3: Control Allocation2:57
Task S-4: Documentation Of Planned Control Implementations1:07
Task S-5: Continuous Monitoring Strategy – System2:30
Implement2:12
Time to implement the selected controls!
Task I-1: Control Implementation1:26
TASK I-2: Update Control Implementation Information1:04
Assess0:59
Now assess again what is working what is not!
Task A-1: Assessor Selection2:42
Task A-2: Assessment Plan3:13
Task A-3: Control Assessments2:27
Task A-4: Assessment Reports2:02
Task A-5: Remediation Actions1:52
Task A-6: Plan Of Action And Milestones1:35
Authorize0:43
Authorisation is required for all the activities, lets learn about it!
Task R-1: Authorization Package1:19
Task R-2: Risk Analysis And Determination2:22
Task R-3: Risk Response1:59
Task R-4: Authorization Decision1:39
Task R-5: Authorization Reporting1:44
Monitor0:31
Continuous monitoring is required for continuous improvent in the risk management.
Task M-1: Checking System And Environment Changes1:34
Task M-2: Ongoing Assessments1:31
Task M-3: Ongoing Risk Response2:03
Task M-4: Authorization Package Updates0:36
Task M-5: Security And Privacy Reporting0:45
Task M-6: Ongoing Authorization1:05
Task M-7: System Disposal2:33

Defense in Depth Architecture1:50
We will leanr about, what is defense in depth and how it can be done.
Layer-1 Security Management1:24
We will learn about Layer 1 security requirements.
Layer-2 Physical Security2:07
We will learn about the Layer 2 requirements for defense in depth architecture.
Layer-3 Network Security1:05
We will learn about the Layer 3 requirements for defense in depth architecture.
Network Architecture4:42
We will learn about the Layer 3 requirements for defense in depth architecture.
Centralized Logging2:24
We will learn about the central logging requirements for defense in depth architecture.
Network Monitoring2:55
We will learn about the network monitoring for defense in depth architecture.
Zero trust architecture4:28
We will learn about the Zero trust architecture.
Layer-4 Hardware Security2:55
We will learn about the Layer 4 requirements for defense in depth architecture.
Layer-5 Software Security2:49
We will learn about the Layer 5 requirements for defense in depth architecture.
Additional Considerations2:52
We will learn about the additional consideration requirements for defense in depth architecture.
Distributed Control System (DCS)-Based OT Systems6:43
We will learn about the the transformation of DCS architecture with defense in depth principles.
DCS/PLC-Based OT with IIoT1:24
We will learn about the the transformation of DCS /PLC architecture with defense in depth principles.
SCADA-Based OT Environments4:48
We will learn about the the transformation of SCADA architecture with defense in depth principles.

Segmentation-Firewall3:09
ABout firewall and type of firewall.
Segmentation-Unidirectional Gateways1:52
Have you heard about datadiode, lets learn!
Segmentation-VLAN1:04
Everyone knows VLAN, so just revise it!
Segmentation-Software Defined Networking2:06
What is software define networking? How it works?
Network Monitoring/SIEM-BAD/DLP3:12
Anomaly detection? Data loass prevention: Lets learn!
Network Monitoring/SIEM-Deception & Digital Twin3:23
Learn about network monitoring and deception technologies?
Data Security- Immutable storage/Hashing4:23
Lets continue learning data security!
Data Security-Digital Signatures/Remote Access2:17
We can use digital signatures as well for security requiremnet and validation!

Requirements

Industrial Software Knowledge Like DCS/SCADA/PLC/RTU etc
No programming knowledge required
Basic understanding of ICS/OT environment
Prior experience required otherwise you will not understand anything
Architecture awareness of OT systems
If you don't know ICS...I recommend not to buy!

Description

*LEARN NIST 800-82 STANDARDS FOR IACS*

CAUTION: "DO NOT BUY IF YOU DON'T LIKE THEORETICAL COURSE"

Industrial cybersecurity is based on the NIST guidelines. OT is critical to the operation of critical infrastructures, which are often highly interconnected, mutually dependent systems. It is important to note that while federal agencies operate many of the nation’s critical infrastructures, many others are privately owned and operated.

This course was created after thoroughly understanding and practically implementing it in the OT environment, so this 6-hour course is a summarized version of the NIST 800-82 standard. It will help to understand what it contains and how it should be understood. So, the following are the basic topics that we will cover in this course:

1. OT Overview: DCS/PLC/PLC/BACS/PACS

2. About Cybersecurity program development

3. Risk Management for OT systems

4. OT Cybersecurity Architecture

5. Cybersecurity Framework

6. OT Security capabilities and tools

After finishing this course, you will have the following understanding:

1. Good grasp of NIST 800-82 Standard

2. What technologies are required for securing an OT infrastructure.

3. What is the cybersecurity framework

4. What to do to achieve defense in depth architecture

5. Why cybersecurity program is required and how to set up

6. Feel confident about referring standards in professional discussions

7. Will help in cracking interviews

This course provides guidance for establishing secure operational technology (OT) while addressing OT’s unique performance, reliability, and safety requirements. OT encompasses a broad range of programmable systems and devices that interact with the physical environment (or manage devices that interact with the physical environment). These systems and devices detect or cause a direct change through monitoring and/or control of devices, processes, and events.

* If video seems fast try playing at 0.75x speed

* Connect to me on Linkedin/ or visit cyberotsecure{dot}com website to get discounts.*

Who this course is for:

Control engineers, integrators, and architects who design or implement OT systems
System administrators, engineers, and other information technology (IT) professionals who administer, patch, or secure OT systems
Security consultants who perform security assessments and penetration testing of OT systems
Managers who are responsible for OT systems
Senior management who need to better understand risk for OT systems as they justify and apply an OT cybersecurity program
Researchers and analysts who are trying to understand the unique security needs of OT systems
Vendors that are developing products that will be deployed as part of an OT system

What you'll learn

Explore related topics

Course content

Introduction1 lecture • 3min

OT Overview8 lectures • 45min

OT Cybersecurity Program Development6 lectures • 21min

Risk Management for OT Systems6 lectures • 46min

Risk Management Framework steps53 lectures • 1hr 32min

OT Cybersecurity Architecture14 lectures • 42min

OT Security Capabilities and Tools8 lectures • 21min

Summary & Conclusion1 lecture • 5min

Requirements

Description

Who this course is for: