Attacks and Vulnerabilities
Critical infrastructure
ICS Cyber Security Training
News
The Skills Gap - Training & Development
Vendors

Dragos Academy builds ICS cybersecurity skills in OT environments

December 10, 2021
Dragos Academy

Industrial cybersecurity vendor Dragos announced this week Dragos Academy, a comprehensive educational and training program available to its customers and partners. The Dragos Academy intends to strengthen practitioners’ overall ICS/OT cybersecurity skills while assisting them in completely operationalizing and accelerating the time-to-value of the Dragos Platform. 

The Dragos Academy helps close the operational technology (OT) skills gap and lessen the burden of talent shortage by raising the level of cybersecurity expertise across the ICS/OT community through a curriculum that is continuously developed and updated by cybersecurity practitioners. The academy also works towards improving OT/ICS practitioners’ ability to prevent, detect, and respond to cyber-attacks in the OT environment. With hands-on and instructor-led training, in a classroom or in a virtual setting, the on-demand training is available to Dragos customers anytime and anywhere.

The Dragos Academy is available to Dragos customers and geared towards those who utilize the Dragos Platform to monitor and protect critical infrastructure and other industrial environments. The online educational portal and on-demand cybersecurity training opportunities are optimized for both desktop and mobile environments so that participants can incorporate learning into their schedules and progress at their own pace.

A recent survey conducted by the Ponemon Institute and sponsored by Dragos found that as organizations recognize the criticality of protecting OT with OT-specific approaches, they are grappling with a cybersecurity skills gap among their OT and IT teams. Forty percent of organizations listed training for OT and ICS cybersecurity skills among their top three investment priorities for ICS and OT cybersecurity in 2021, the survey revealed.

Coming close on the heels of Dragos’ Series D funding of US$200 million in late October, the academy comes at a time when the U.S. Department of Homeland Security turned its focus towards improving federal cybersecurity talent, working more aggressively to recruit, develop, and retain top cybersecurity professionals. Last month, the EU Agency for Cybersecurity (ENISA) also identified a cybersecurity skills shortage. The number of skilled and qualified workers is not enough to meet the demand, and national labor markets are disrupted worldwide as a consequence.

The course syllabus at Dragos Academy will assist participants in learning about the various types of ICS (Industrial control system) environments, as well as their functions and compositions. As part of this module, other topics covered will include ICS network architectures, various types of devices, industrial programming languages such as ladder logic, and ICS communication protocols such as ModbusTCP, DNP3, and Profinet.

The second module works towards assessing the industrial environment, where learners will act as ‘red team’ members and learn how to safely assess ICS environments. A red team exercise is a cybersecurity assessment technique usually designed to reveal vulnerabilities in a company’s security through hands-on testing, uncovering exposure and blind spots in the defenses of an organization’s processes and network safety. As part of this module, four types of assessments will be covered including architecture review, vulnerability assessment, penetration testing, and red team. Students will use purpose-built red team virtual machines to assess their environments.

In the third module, learners will gain access to OT security operations, incident response, and intelligence. Here, they will be exposed to attacks modeled after real-world advanced threats while acting as SOC analysts, performing continuous monitoring, investigation, case management, and other SOC-related responsibilities using the Dragos Platform.

The fourth module covers various tools, strategies, and techniques for successful hunting in ICS. Here, participants will learn Dragos’ threat hunting methodologies, including planning, hypothesis generation, collecting and analyzing data, and automating lessons learned post-hunt. They will then act as threat hunters through a variety of scenarios covering industrial networks and network/host artifacts.

The online education portal offers content and video-on-demand cybersecurity training sessions to help Dragos customers gain a better understanding of their ICS/OT networks and the industrial-specific security challenges they face, while the in-person courses cover ICS/OT cybersecurity best practices and industrial security methodologies and technologies. In addition to the classroom component, these training courses will include several  ICS cyber ranges and individual training stations with functional control system kits for hands-on learning.

The curriculum at Dragos Academy “will extend far beyond our products and is being developed to cover everything from ICS basics and industrial security best practices to more specialized topics,” Ben Miller, Dragos’ vice president of professional services and R&D, said in a media statement. “IT security professionals can expand their knowledge of industrial environments and OT engineers can learn more about securing systems that connect to IT networks.”

Earlier in September, another industrial cybersecurity company Applied Risk released its TactICS suite that will provide ICS and OT professionals with higher cybersecurity awareness and skills for interacting with OT environments. It enables the key principle of continuous learning to keep up pace with the rapidly changing threat landscape and delivers a comprehensive approach that stimulates OT security awareness and skills not only for teams working with OT infrastructures but also beyond the obvious groups.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base
DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base
Waterfall’s WF-600 unidirectional security gateway brings 'unbreachable protection' to OT/ICS networks
Waterfall, 2TS enter into cybersecurity alliance for African market
Honeywell’s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns
Honeywell’s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns
CISA declares winners of President’s Cup cybersecurity competition, with Artificially Intelligent team leading
CISA declares winners of President’s Cup cybersecurity competition, with Artificially Intelligent team leading
Enhancing industrial cybersecurity by tackling threats, complying with regulations, boosting operational resilience
Enhancing industrial cybersecurity by tackling threats, complying with regulations, boosting operational resilience
MITRE confirms breach on NERVE network, suspected foreign nation-state actor involved
MITRE confirms breach on NERVE network, suspected foreign nation-state actor involved