OT Cybersecurity Professional Training

4-5 JUNE 2025 - Be fully prepared for the GICSP exam.

... > Training Courses > OT Cybersecurity Professional Training

OT Cybersecurity Professional Training

4 & 5 JUNE 2025 | AMSTERDAM

Industrial Control Systems (ICS) form the backbone of everyday life, underpinning everything from critical infrastructure to building automation. This course is a continuation of the OT Cybersecurity Fundamentals Training and will provide you with all the knowledge to be fully prepared for the GICSP exam.

Date : 4-5 June 2025
Location: Secura Office, Amsterdam
Price: €995 excl. VAT

* Note: We also offer this training as an in-company option. Contact us for more information.

OT Cybersecurity Professional Training

If you are interested in this training, please fill out the form and we will contact you within one business day.

Why join the OT Cybersecurity Professional Training?

  • Gain all the knowledge needed to be fully prepared for the GICSP exam.
  • Review and expand on the key topics covered in the OT Fundamentals Training.
  • Explore networks, encryption, and OT network architectures.
  • Understand the ICS landscape, including industrial processes, protocols, and risks.
  • Get introduced to the IEC62443 and NIST CSF frameworks and OT risk assessments.
  • Learn why OT cybersecurity challenges differ from IT environments.
  • Analyze ICS attacks at every level of the Purdue model.
  • Discover how to effectively deploy firewalls within ICS networks.
  • Dive into operating systems and hardening strategies.
  • Apply physical security measures in ICS environments.
  • Understand challenges around antivirus, endpoint security, and OT system patching.
  • Use logging and monitoring to defend ICS networks and support Incident Response (IR).
  • Build an OT asset inventory and implement backup strategies for critical systems.

Intended Audience

This course is specifically tailored for professionals with a foundational understanding of OT cybersecurity, including control system engineers, IT & OT security personnel, and management professionals seeking to deepen their expertise in this critical field. Participants will gain a comprehensive understanding of the complexities of OT cybersecurity, equipping them with the knowledge needed to succeed in the GICSP certification process.

Required Skills & Expertise

It is preferred to have followed the OT Fundamentals Training. Otherwise, having a general knowledge of OT Cybersecurity, including network technologies, the Purdue model, risk methodology, threat actors, threat modelling and fundamental security principles (CIA triad, access control, firewalls, logging, antivirus) is recommended.

Program

The program is divided into four modules, which are given in a two-day course. After completing the course, each participant is rewarded with a certificate.

Day 1

Module 1: Introduction & Recap OT Fundamentals

  • The program starts with a walkthrough of ICS fundamentals: Basic terminology, Industrial processes, control theory, and plant organization basics and quick recap of the OT Fundamentals Training.
  • A basic understanding of networking principles, including the OSI model.
  • A basic understanding of wireless networking, wireless ICS protocols, and the vulnerabilities associated with wireless systems.
  • A basic introduction to cryptography, including symmetric and asymmetric cryptography, hash algorithms and MACs.

Module 2: ICS Protocols, Components and secure ICS network architecture

  • In this module, we cover a range of widely used industrial protocols used in ICS networks.
  • How to design a secure ICS network architecture by segmentation and network boundaries by implementing firewalls, data diodes and Industrial IDS.
  • Explore the ICS attack surface, how to categorize these attacks and how to create attack trees and threat models to these scenarios.
  • Explore the ICS attack surface, techniques for categorizing attacks, and methods for creating attack trees and threat models for various scenarios.
  • Lastly for each Purdue level relevant ICS attacks will be mapped and examined comprehensively.

Day 2

Module 3: Cybersecurity Programs

We will cover the process of establishing a Cybersecurity Program for ICS networks using frameworks and standards such as IEC62443 and NIST CSF. These programs involve creating a variety of documents, including organizational policies and procedures. We will explain to attendees how to develop these policies and procedures and ensure compliance.

Following this, we will guide attendees through the process of conducting a risk assessment to identify potential threats and vulnerabilities. Participants will learn how to perform risk assessments and apply various risk evaluation techniques to assess, analyze, and communicate the identified risks.

Module 4: Security Standards, Threat Modeling & Real-World Case Studies

  • First we will begin by exploring the concept of an asset inventory, focusing on how to create a comprehensive ICS asset inventory and addressing the challenges associated with developing and maintaining it.
  • Next, we will cover physical security controls, specifically how to protect an ICS facility through the implementation of effective physical security measures.
  • We will learn what OS hardening is and how to harden different kinds of operating systems.
  • We will learn about different endpoint protection and antivirus solutions implemented in ICS networks, along with the challenges involved in implementing and maintaining these solutions.
  • We will examine how to implement essential security controls such as patch management for OT systems, as well as the complexities of ensuring effective patching. Additionally, we’ll cover the importance and best practices for implementing system backups.
  • Finally, we will highlight the importance of logging and monitoring within the ICS network and discuss how to build a robust incident response strategy to effectively manage and resolve security incidents.

Meet The Trainer

Dominika Rusek Jonkers

Dominika Rusek Jonkers is Senior Security Specialist at Secura. She brings over 10 years of expertise in industrial cybersecurity.


Her extensive experience spans technical assessments of Industrial Control Systems (ICS), penetration testing, Tactical Network Exploitation (TNE), Red Teaming (including Active Directory compromise), and executing remediation programs. These include implementing ICS monitoring solutions, such as Claroty, Nozomi, and CyberVision, as well as designing robust network segmentation strategies.

Dominika’s skill set also includes hardware hacking on IoT/IIoT devices and advanced threat hunting in ICS networks.


Her passion for knowledge sharing is evident in her role as a trainer, where she facilitates dynamic courses on topics like OT security fundamentals, ICS technical assessment methodologies, and ICS monitoring crash courses.

Quote by

More Information & Registration

If you are interested in this training, please fill out the form and we will contact you within one business day.

USP

Why choose Secura | Bureau Veritas

At Secura/Bureau Veritas, we are dedicated to being your trusted partner in cybersecurity. We go beyond quick fixes and isolated services. Our integrated approach makes sure that every aspect of your company or organization is cyber resilient, from your technology to your processes and your people.

Secura is the cybersecurity division of Bureau Veritas, specialized in testing, inspection and certification. Bureau Veritas was founded in 1828, has over 80.000 employees and is active in 140 countries.