The House of OT Cybersecurity

OTSEC.IO Logo

OT Cybersecurity Professional Training Details

Sample videos

Watch the sample videos from the course

Outline

Course Outline

Part 1: Fundamentals
Chapter 1: Mission
  • Industrial Revolution (Industry 1.0 – Industry 4.0)
  • Mission Critical Operations and your role
Chapter 2: Automation
  • Manual Process
  • Automated Process
  • Sensors and Actuators
  • Logic Control
  • Tags and Setpoints
  • Data Historian
  • Safety Instrumented System
Chapter 3: Distributed Control System
  • Components
  • Functional Level
  • Controller
  • Physical Connection (Marshalling cabinet)
  • Proportional Integral Derivative
  • Human Machine Interface
  • Engineering Workstation
Chapter 4: SCADA
  • Differences with DCS
  • SCADA Server
  • PLC
  • RTU / PAC
  • IED
  • Industrial PC
  • Programming Languages (IL, ST, SFC, FBD, LLD)
  • Alarms
Chapter 5: Operational Technology OT
  • Terminology and Classification of different systems
  • IT vs. OT
  • Air-gap Network
  • IT/OT Convergence
Part 2: Communications
Chapter 6: OT Network Architecture
  • Purdue Reference Model
  • Levels of Purdue Model
  • DMZ
  • Reading Architecture Diagram
  • OOB Network
  • DATA DIODE
  • Traffic Mirroring (SPAN)
  • Network TAP
  • Virtualization
  • NAT
  • Performance
  • Form Factor
  • Rugged Hardware
  • IP Rating
  • Network Topologies and Protocols
Chapter 7: IoT / IIoT
  • IoT / IIoT
  • IoT World Forum Reference Model
  • Challenges
  • Cybersecurity Risk
  • IoT/IIoT Infrastructure (MQTT)
  • 5G Cybersecurity Challenges
Chapter 8: IT/OT Protocols Analysis
  • Headers and Payload
  • Network Protocols
  • OT Protocols
  • Network Capture and Analysis
  • OT Network Threats
  • Network Services Protocols
Part 3: Common Industries
Chapter 9: Electrical Power Substations and IEC61850
  • Foundational Terms
  • Substations Components
  • Substation Automation System
  • IEC61850
  • Data Modeling
  • Network Architecture
  • MMS Protocol
  • GOOSE Protocol
  • SMV Protocol
  • PTP Protocol
Chapter 10: Oil & Gas
  • Upstream
  • Midstream
  • Downstream
  • Pipeline Monitoring
  • Modbus Protocol
Chapter 11: Building Management System
  • BMS/BAS use cases
  • BACnet
  • BACnet/IP Protocol
  • BBMD
Part 4: OT Cybersecurity
Chapter 12: Cybersecurity Standards & Regulations
  • IEC62443
  • People, Process, and Technology
  • People Roles and RACI
  • IEC62443 Security Level
  • Foundational Requirements
  • Defense in Depth
  • Zones and Conduits
  • Cybersecurity Capability Maturity Model
Chapter 13: Risk Assessment
  • Why Risk Based Approach?
  • OT Vulnerabilities
  • Roles and Responsibilities
  • Threat
  • Risk
  • How to Conduct Risk Assessment
  • Risk Calculation
Chapter 14: Cybersecurity Controls
  • Wrong Assumptions
  • Assets Visibility
  • Assets security posture assessment
  • OT NIDS
  • NGFW / IPS
  • Endpoint Protection
  • Identity and Access Management
  • OT Network Access Control
  • Secure Remote Access
  • Zero Trust
Prerequisites

Minimum Requirements

Before enrolling in our OT Cybersecurity Professional Training, we want to ensure that you have the foundational knowledge necessary to succeed in this course. Below is a list of minimum requirements that you should possess prior to starting the training:

  • Basic Networking Concepts: A solid understanding of networking fundamentals, including the OSI model, network devices, cabling, IP addressing, and subnetting, is essential for grasping the core concepts of OT cybersecurity.
  • TCP/IP Communications: Basic TCP/IP protocol suite knowledge.
  • Operating Systems: Experience with Windows and Linux operating systems, including basic administration tasks, file system navigation, and command-line usage, will aid in the management and hardening of OT devices and systems.
 
Additional knowledge will be a plus such as:
  • The functionality of various protocols (such as HTTP, FTP, SSH, and DNS) will be beneficial, such as the ability to interpret packet headers and analyze network traffic is crucial for securing OT environments.
  • Network Security Principles: Knowledge of fundamental network security concepts, such as firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and network segmentation, will help you understand how to protect OT systems from cyber threats.
  • Industrial Control Systems (ICS) Overview: Familiarity with ICS components and architectures, including Programmable Logic Controllers (PLCs), Human-Machine Interfaces (HMIs), and SCADA systems, will enable you to identify potential vulnerabilities in OT networks.
  • Basic Programming Concepts: Understanding of basic programming concepts, such as variables, loops, and conditional statements, will be beneficial when analyzing code or scripts for potential vulnerabilities.
  • Cybersecurity Fundamentals: Awareness of cybersecurity threats, vulnerabilities, and risk management concepts, as well as common attack vectors and mitigation techniques, will provide a solid foundation for OT cybersecurity training.

 

Other requirements:

Participants are required to have a computer capable of running Wireshark for packet analysis, and appropriate software for writing assignment responses, creating presentation slides, and recording videos.

FQAs

Frequently Asked Questions

When you buy the course, you can obtain two types of certificates:

  1. Completion Certification indicates that you have attended all the course videos and passed all “Test your knowledge” multiple choice questions at the end of each chapter.
  2. Certified OT Cybersecurity Professional (COTCP) by otsec.io, which can only be obtained if you submit assignments requested at the end of each chapter, including the last assignment, which is to submit a short video, and your work will be manually reviewed and if all of your work has met the criteria you will pass and receive the certificate by email.

If your submission falls short, you will receive an email pinpointing the specific areas needing improvement, along with guidance to enhance your work.

Up to three submissions are allowed. Additional attempts may incur fees

Expect results within 2-4 weeks after completing all assignments. To prevent delays, ensure your submissions are complete and ready

Video submissions need not include your appearance but are crucial for developing presentation skills. Optional training chapters provide guidelines for successful video creation.

Course access, including resources and certifications, is valid for six months from account activation

A 50% student discount is available. Verification via the Contact Us form is required.

Discounts must be applied at the time of purchase; processing retroactive discounts is complicated.

A full refund is available within three days of course activation, excluding processing fees. You must send an email within three days from purchase to [email protected] requesting refunds and providing purchase details.

Assignments draw primarily from course content, with some requiring additional online research.

AI-generated or copied responses will result in assignment rejection. Authenticity is key to maintaining the integrity of the COTCP certification.

Sample videos are available for review. If difficulties persist, a full refund is available within three days of purchase.

As a self-paced course, completion time varies, but not expected to be less than two weeks.

Ideal for cybersecurity professionals, OT engineers, and IT staff in industrial settings.

Basic cybersecurity and networking knowledge are required. See the Course Prerequisites for details.

Specific requirements are outlined in the course prerequisites.

Yes, through comments, emails ([email protected]), and live webinars for updates and Q&A.

Group discounts are available. Contact us for details. ([email protected])

Yes, inquiries can be sent to our contact email ([email protected])

Our training, based on academic research and practical experience, covers foundational to professional levels, unlike other more academic or narrowly focused courses.

Regular updates are made to course content, supplemented by new webinars and articles.

Post-certification, participants can opt to share their CV for potential job opportunities.

More details on this service will be published soon

24/7 support is provided by Kajabi LMS and our support team ([email protected])

All resources are included, with an option to purchase the course reference book.

Feedback and suggestions are welcome via our contact email: [email protected]