A guide to kick start and successful career in OT Cybersecurity.
Are you interested in becoming an expert in OT
(Operational Technology) Cybersecurity? Look no further! Our blog is here to guide
you on your journey from a beginner to a seasoned professional in the field of
OT Cybersecurity. In this blog, we provide valuable insights, tips, and
strategies to help you understand the fundamentals of OT Cybersecurity and
develop the necessary skills to protect critical infrastructure systems.
Whether you're new to the field or looking to enhance your existing knowledge,
our comprehensive articles cover a wide range of topics, including:
- Introduction
to OT Cybersecurity: Learn about the unique challenges and threats faced
by operational technology systems and the importance of securing them.
- Best
Practices and Frameworks: Discover industry-standard frameworks and best
practices for implementing effective OT Cybersecurity measures.
- Risk
Assessment and Vulnerability Management: Understand how to identify and
assess risks, as well as implement strategies to mitigate vulnerabilities
in OT systems.
- Incident
Response and Recovery: Gain insights into developing incident response
plans and strategies to effectively respond to and recover from cyber
incidents in OT environments.
- Emerging
Trends and Technologies: Stay up-to-date with the latest trends,
technologies, and innovations in the field of OT Cybersecurity.
The cybersecurity workforce is facing a significant shortage, with a Forbes report from December 2022 highlighting the gravity of the situation. The United States alone had 700,000 unfilled cybersecurity positions, and globally, the industry was short by approximately 3.4 million professionals. This gap represents a critical challenge for the security of digital infrastructures worldwide.
The field of OT Cybersecurity is specialized and there is a
lack of skilled workforce. According to SANS Institute white
paper The State of ICS/OT Cybersecurity in 2022 and Beyond"The
ICS security workforce is becoming more skilled and valued".
The Journey towards a successful OT Cybersecurity Career can
be divided into 5 distinct phases. These phases would need different amount of
time based on the background and experience of a candidate in Computer Systems
or Control Systems.
The five phases are:
- Before
the Journey
- Prerequisite
- Tradecraft
- Practice
- Before
the Journey
This phase is the important ground work for getting into
computer and Information technology. Knowing a Language is helpful in many ways
and at various levels in your career. I have neglected this part in my
graduation and had to be dependent on colleagues for small roadblocks. This
knowledge can be gained either through your education or through the online
courses available for free. Few of My favourites are:
- Learn Python the
Hard Way
- Python Tutorials
- Python
full course for Beginners by mosh
- Python
for Everybody - Full University Python Course (Recommended)
- Learn
C Programming with Dr. Chuck (feat. classic book by Kernighan and Ritchie)
2. Prerequisites
Getting into OT Cybersecurity needs to understand the
concepts of Computer and Network Security in general and Control and Automation
Systems in particular. There are lots of resources available again for
understanding the Computer and Network Security and my curated list is as
below:
- Become a Cybersecurity Professional
- SANS Reading
Resources
- David
Bombal's Youtube Videos especially on Wireshark
and Ethical Hacking (Though the entire library is amazing)
The second important Skill is understanding the Control And
Automation Systems. There are few old videos that explain this in details:
- PLC
Programming by PLC Professor
- RealPars
Videos
- Understanding
SCADA
- Energy 101 Series of Videos
- Wastewater
Treatment Plant
- OEM
Sites Like Siemens, Rockwell, Schneider, GE Etc
3. Tradecraft
Now that you understand the Computer security and Control
system both. The next step is to learn the Cybersecurity Specific to ICS. There
are few free resources that can really help you on this.
- SANS ICS Library
- SCADA hacker
Library
- ICS kill
Chain whitepaper
- Resources by Dragos
- S4 Event
Video Library
- ICS Training by CISA(US)
- ICS Advisory
Dashboard
- Industrial Cybersecurity Books by Pascal Ackerman
4. Practice
Practicing the tradecraft is very essential as this will
boost confidence and organise the learning. You may need to build small labs to
practice. These tools and books will help you get this.
- Awesome ICS Git Repo by hslatman
- ICS
Security Tools Git Repo
- Cybersecurity for Industrial Control Systems: SCADA, DCS,
PLC, HMI, and SIS
- Industrial Cybersecurity: Case Studies and Best Practices
- CLaroty Resources
Library
- Nozomi
Resources Library
During this phase you should also acquaint your self with
the Industry standards like IEC/ISA 62443 which is the standard for
Industrial Automaton and Control Systems Security. Other reginal standards
shall also be learnt like NERC-CIP, CSA(Singapore) etc. ISO standards are also
available for few OT specific application like ISO 27019 (Information Controls
for the Energy Utility Industry)
Gaining a certificate would boost your employability and
confidence. I intentionally dd not put the certification in the previous phase
as certification without practice is useless and you would forget the knowledge
in few days. Few ICS specific certifications are:
ISA/IEC 62443 Cybersecurity Certifications
SANS Global Industrial Cyber Security Professional (GICSP) Beginner
Level
SANS Global Response and Industrial Defense (GRID) Advanced Level
SANS GIAC Critical Infrastructure Protection (GCIP) Beginner
level
0 Comments