Cybersecurity in Critical Facilities

Introduction

This course is designed to address the growing cybersecurity threats facing critical infrastructure. It equips professionals with the tools and frameworks to protect digital systems, industrial control networks, and sensitive operational data from cyber attacks that could disrupt essential services or cause physical harm.

Objectives

By the end of this course, participants will be able to:

• Understand cyber threats targeting critical infrastructure
• Identify vulnerabilities in OT/IT environments
• Apply security controls to protect SCADA and ICS systems
• Implement cyber incident response protocols
• Comply with cybersecurity regulations and standards
• Foster collaboration between IT and security departments

Target Audience

This course is ideal for professionals working in:

• Oil & gas and energy sector facilities
• Power generation, utilities, and communication hubs
• Industrial plants with automated systems
• Airports, ports, and national infrastructure
• Government cyber and emergency units
  Including roles such as:
• Cybersecurity officers and IT managers
• SCADA/ICS engineers and automation teams
• Security operation center (SOC) personnel
• Risk, compliance, and audit teams
• Engineers supporting control rooms and networks

Course Topics

• Overview of cybersecurity and national threat landscape
• Common attacks on critical infrastructure (ransomware, DDoS, phishing)
• Mapping and securing critical digital assets
• Industrial Control System (ICS) and SCADA vulnerabilities
• Segregation of OT and IT networks
• Endpoint and network hardening best practices
• Implementing firewalls, IDS, and access restrictions
• User identity and access management
• Security patching and update protocols
• Data backup and recovery strategies
• Cyber incident detection and response planning
• Security Information and Event Management (SIEM) tools
• Legal obligations and cybersecurity governance standards
• Coordination with national CERTs and regulators
• Developing a facility-specific cybersecurity policy