Day 1: Foundations of ICS/OT Security & Operational Realities
Theme: Understanding ICS/OT from Ground Zero to Compliance-Ready
1. ICS/OT Security: Context, Evolution, and Convergence
• Why ICS/OT security matters more than ever
• IT vs. OT vs. IoT vs. IIoT—distinctions, overlaps, and convergence
• Case Studies:
o Stuxnet: Genesis of ICS cyber warfare
o Colonial Pipeline: How IT-OT interlink caused widespread disruption
• Visual Data Walkthrough: ICS attack timelines and network paths
2. ICS/OT Architecture Deep Dive
• Anatomy of industrial control environments
• Purdue Model (2.0→3.0), ISA/IEC 62443 zone-conduit alignment
• OT protocols: Modbus, DNP3, OPC-UA, BACnet—attack surfaces
• Legacy systems and air-gapping myths
• Exercise: Visualizing a critical infrastructure network using Purdue layers
3. Threats, Adversaries and Kill Chains
• Who attacks ICS/OT and why: APTs, hacktivists, insiders
• MITRE ATT&CK for ICS vs. the traditional MITRE ATT&CK matrix
• ICS-specific kill chain stages: weaponize, deliver, manipulate
• Case Studies:
o Triton: Safety system compromise and implications
o Industroyer2: Grid manipulation in Ukraine
• Activity: Threat mapping exercise on a real SCADA map
4. Asset Visibility & Passive Monitoring
• Why asset visibility = control
• Passive vs. active discovery: tools and risks
• Tools comparison: Claroty, Nozomi, Dragos, Armis
• Hands-On Scenario: Build a real-time ICS inventory with hidden dependencies
• Compliance Mapping: 62443-3-3 SR 2.x & 3.x requirements
5. ICS Risk Management & Governance Frameworks
• ICS Risk Modeling Approaches (FAIR for OT, qualitative scales)
• Criticality + Exposure + Vulnerability = Risk
• Stakeholder roles and accountability matrix
• Governance Playbook: Role mapping between CIO, CISO, CRO, OT Manager
• Case Study: Misaligned ICS risk ownership leading to production halt
6. ICS/OT Compliance Deep Dive
• Overview of key frameworks:
o ISA/IEC 62443 (all parts: 1-1, 2-1, 3-2, 3-3, 4-2)
o NIST CSF for ICS (800-82)
o NERC CIP (for energy sector)
o NIS2 Directive, ISA Guidelines, ISO 27019
o API Std 1164 (for pipeline security)
• Mapping Matrix Exercise: Cross-mapping 62443 ↔ NIST ↔ NIS2
• Self-assessment workbook: OT compliance gap analysis
• Exercise: Build a compliance roadmap with zone-level security levels (SL-T)
Day 2: Detection, Response, Engineering Resilience, and Future-proofing
Theme: Operationalizing Security & Designing Resilient ICS/OT Systems
8. Secure ICS/OT by Design
• Secure design lifecycle (ISA/IEC 62443-1-1)
• Security Level Targets (SL-Ts) and implementation tiers
• Configuration Hardening: HMI, PLC, RTU, Historian
• Use Case Exercise: Design a secure wastewater treatment ICS from scratch
• Playbook: OT hardening checklist by asset type
9. Threat Detection, Monitoring & Anomaly Analysis
• Building OT SOCs: how they differ from IT SOCs
• Behavioral anomaly detection tools vs. signature-based approaches
• Integration with SIEM/SOAR platforms
• Case Study: Ukraine 2015 blackout—detection lag and impact
• Activity: Threat hunt simulation using telemetry and logs
10. Incident Response (IR) & Business Continuity in ICS
• ICS-specific IR lifecycle: containment→stabilize→restore
• Cold vs. hot standby challenges in OT
• Playbook: ICS IR Runbook & communications matrix
• Hands-On Scenario: ICS ransomware containment in manufacturing
• Data Storytelling: IR cost, downtime vs. proactive controls
11. Advanced Threat Hunting in ICS/OT
• Indicators of compromise specific to control systems
• Memory analysis, firmware integrity checks
• Telemetry and logic-based hunting
• Exercise: Simulate a hunt across a hybrid SCADA and IT environment
• Tools Demo: Zeek, Wireshark, ELK + Dragos OT telemetry
12. Supply Chain & Third-Party Risk Management
• Vendor risks: PLC firmware, SCADA integrators, remote maintenance
• Mapping to 62443-4-1 and 2-4 (secure components & supplier practices)
• SBOM for ICS/embedded: creation and validation
• Case Study: SolarWinds-like SCADA compromise
• Compliance Workbook: Third-party vetting checklist
13. Resilience Engineering & Zero Trust in OT
• From cybersecurity to operational resilience
• Zero Trust in ICS: Practical pilots and limitations
• Role of microsegmentation, DMZs, industrial firewalls
• Business Justification: Linking OT resilience to uptime, safety & ROI
• Future Proofing: AI/ML use cases in predictive security (vs. marketing hype)
14. Board-Level Narrative & Stakeholder Communication
• Communicating OT security risk to non-technical executives
• Translating technical maturity into operational impact
• Creating visual dashboards: Downtime, risk, maturity, compliance
• Pitch Deck Exercise: Justify a $5M OT security upgrade budget