Phone: (+44) 113 216 3188
  • Email: info@koyertraining.com
Koyer Training Services

SCADA and Industrial Cybersecurity (Applying ISA/IEC 62443)

Maintenance and Engineering October 29, 2025

Introduction

The increasing digitalization of industry requires a proactive defense against cyber threats targeting **SCADA and Industrial Control Systems (ICS)**. This critical course focuses on applying the globally recognized **ISA/IEC 62443** series of standards to secure OT (Operational Technology) environments. Participants will learn how to conduct a formal risk assessment, implement a **Defense-in-Depth** strategy using segmentation, and establish governance to ensure continuous operational safety and system integrity against sophisticated attacks.

Objectives

Upon completion of this course, participants will be able to:

  • Apply the principles and terminology of the **ISA/IEC 62443** standard to industrial control systems.
  • Conduct a systematic **cybersecurity risk assessment** specific to SCADA/ICS environments.
  • Design and implement **security zones and conduits** to segment the control network (Defense-in-Depth).
  • Develop and enforce policies for secure remote access and effective patch management in the OT environment.
  • Identify common attack vectors and implement mitigation controls on SCADA servers and field devices.
  • Understand the critical security requirements for industrial protocols (e.g., Modbus, DNP3, OPC UA).
  • Establish an effective **Incident Response Plan (IRP)** tailored for a compromised control system.
  • Manage the security lifecycle of all SCADA components, from design through decommissioning.

Target Audience

  • Industrial Cybersecurity Specialists and Architects
  • SCADA/ICS Administrators and Managers
  • OT Network and System Engineers
  • Compliance and Risk Management Officers in critical infrastructure
  • IT/OT Integration and Security Teams
  • Internal Auditors focused on ISA/IEC 62443 compliance

Methodology

  • Scenario-based tabletop exercises on managing and recovering from a simulated industrial cyber-attack.
  • Group activity: designing an ISA/IEC 62443-compliant zone and conduit architecture for a simulated plant network.
  • Individual exercises in drafting a secure remote access policy for third-party system integrators.
  • Case studies of real-world attacks used to derive security lessons learned.
  • Discussions on the organizational and budgetary challenges of achieving ISA/IEC 62443 compliance.

Personal Impact

  • Mastery of a highly specialized and business-critical skill set in industrial cybersecurity.
  • Ability to apply internationally recognized standards (ISA/IEC 62443) to real-world threats.
  • Increased professional credibility as a certified security risk manager.
  • Confidence in designing and defending complex, high-consequence OT architectures.

Organizational Impact

  • Minimized risk of costly and catastrophic cyberattacks and system downtime.
  • Achieved and demonstrable compliance with mandatory industry-specific security regulations.
  • Safer operational environment through the protection of critical control systems.
  • Systematic and efficient maintenance of system integrity throughout its lifecycle.

Course Outline

Unit 1: Industrial Threat Landscape and Risk Assessment

Threat Environment
  • Analyzing the motivation and capabilities of threat actors targeting ICS/SCADA
  • Case studies of major industrial cyberattacks (e.g., Stuxnet, Triton, Colonial Pipeline)
  • Identifying the unique vulnerabilities of proprietary protocols and legacy systems
ICS Risk Methodology
  • Conducting a risk assessment focused on **consequence of failure** (safety, environmental, financial)
  • Mapping and classifying critical assets and dependencies within the control network

Unit 2: ISA/IEC 62443 Framework and Zoning

Standard Application
  • Introduction to the key parts of the ISA/IEC 62443 standard (Part 2-1, 3-3, 4-2)
  • Defining and assigning **Security Levels (SL)** to assets and zones
Zones and Conduits
  • Designing the control network using **Security Zones and Conduits** for logical segmentation
  • Implementing access control and firewall rules on the conduits between zones

Unit 3: Defense-in-Depth Implementation

Network Controls
  • Designing the secure boundary between the IT and OT networks (industrial DMZ architecture)
  • Hardening operating systems, SCADA servers, and field devices (PLCs, RTUs)
Access and Authentication
  • Implementing robust user authentication, authorization, and access control (AAA) for SCADA applications
  • Developing secure methods for managing vendor and remote maintenance access

Unit 4: Patching, Vulnerability, and Compliance

Vulnerability Management
  • Developing a vendor-approved and low-risk **patch management** strategy for OT assets
  • Managing configuration change control to prevent security drift
Security Audits
  • Procedures for conducting internal audits against ISA/IEC 62443 requirements
  • Overview of other regulations (e.g., NERC CIP, NIS Directive) influencing SCADA security

Unit 5: Incident Response and Governance

Incident Response
  • Developing an **Industrial Incident Response Plan** that prioritizes safety and continuity
  • Establishing procedures for forensics, containment, and system recovery after a breach
Security Governance
  • Defining roles and responsibilities for security across the IT and OT organizations
  • Managing the security lifecycle of SCADA software and hardware components


Upcoming Sessions

  • Cambridge: January 05, 2026 - January 09, 2026
  • New York: January 26, 2026 - January 30, 2026
  • Manchester: February 16, 2026 - February 20, 2026
