- Posted by fedco
- On January 6, 2020
- scada ics security training, scada security training
Nowadays, where the cyber threats becoming more frightened and complex (in term of form and the propagation), bringing the higher demand to the Supervisory Control and Data Acquisition (SCADA) Industrial Control System (ICS) environment to ensure its security across its domain.
Meanwhile, as the one of the challenges that being faces by the SCADA ICS environment is the lack of the SCADA ICS security professionals that understand and able to ensure the requirements of being industrial secure across the environment.
Sooner or later, the shifting paradigm of being only as Instrument and Control engineer should be leveraged into the more comprehensive definition, to include the SCADA ICS Cyber Security domain as one of the top priority to be explored, implemented and maintained across the environment.
Without having proper education and training, combine with daily working activities, there will be no such capable SCADA ICS security stock available at the market to cover the higher demand in the future. (Please see more discussion on which SCADA ICS security training should be taken by the designated professionals, the certified vs. non certified SCADA ICS security training).
SCADA ICS security training that should be participated by Instrument and Control professionals should cover broad and deep exposure of preparing them to become the next SCADA ICS security professionals by understanding the fundamental principles of IT and ICS engineering, IT cyber security, mapping those domains of knowledge into the SCADA ICS security, and be exposed with some real case scenario to strengthen the way of thinking.
Some SCADA security trainings that being offered worldwide currently only put emphasize on how to find vulnerabilities of the SCADA ICS environment through conventional IT approach named Vulnerability Assessment and verify/validate those vulnerabilities (Industrial Control System vulnerabilities and threats) by the method called Penetration Testing. Meanwhile the SCADA ICS security assurance is not just talking about Vulnerability Assessment and Penetration Testing only, but it should cover broader point of view and digging deeply in securing the asset through thorough approach, governing the management system and resources, optimizing the asset and implementing the proper security guards by adhering to some principles as per recommended by some Industrial Standards, such NIST SP 800-82 ” Guide to Industrial Control System (ICS) Security”. (Please see more on Vulnerability Assessment and Penetration Testing in online SCADA ICS environment journal in our post for more detail depiction on this subject).