COURSE OVERVIEW

This practical and highly-interactive course includes various practical sessions and exercises. Theory learnt will be applied using our state-of-the-art simulators.

This course is designed to provide participants with a detailed and up-to-date overview of OT Security Information and Event Management (SIEM). It covers the differences between IT and OT security; the common OT cyber threats and attack vectors; the fundamentals, architecture and deployment models; the log sources, data collection and compliance and regulatory requirements; planning an OT SIEM deployment and integrating SIEM with ICS and SCADA systems; the event correlation, threat detection, log normalization and parsing in OT SIEM; the real-time security monitoring with SIEM dashboards; and the network traffic analysis and OT anomaly detection.

During this interactive course, participant will learn the SIEM integration with threat intelligence feeds and early threat detection in OT networks; automating incident response using SIEM; the industrial intrusion detection systems (IDS); the AI and machine learning for SIEM in OT environments; the response and containment strategies for OT cyber incidents; the SIEM performance optimization, continuous security monitoring, compliance auditing and forensic investigation; the patch and vulnerability management integration; and the future trends in OT SIEM and industrial cybersecurity.