top of page

Design, Deliver, Defend


This 5-day, instructor-led course, focuses on common OT security frameworks and unpacks how you apply security practically. By addressing foundational requirements, it is possible to deliver a robust deployment that will not only stand the test of time but deliver security that is embedded into the design.


You will gain an understanding of security requirements and how to translate these into scalable reference designs. With a focus on technical applications of security, you will learn what it takes to implement a defence in depth approach. 


It's time to think about security differently.  Register for this course to find out how.





2 - 6 September

Training Hub - Cheadle

£3300 / €4250 / $4250

14 - 18 October

Training Hub - Cheadle

£3300 / €4250 / $4250

25 - 29 November

Training Hub - Cheadle

£3300 / €4250 / $4250


Day 1

Learning Outcome: Understand governance, standards and how this can influence system designs.

  • IEC 62443 overview with practical application

  • MITRE ATT & CK Framework

  • NCSC Cyber Assessment Framework (CAF)

  • Secure by design concepts

  • Reference Architectures

  • Zones and Conduits

Day 2

Learning Outcome: Securing the network and mitigating threats.

  • Network fundamentals

  • Securing the network

  • Risks with 'out of the box' configurations

  • Network Protocols

  • Exploiting common OT Protocols

  • Firewalls and edge devices

  • Network hardware exploits

Day 3

Learning Outcome: Spotlight into penetration testing. Explore how default/weak configuration across the network and operating system can put your deployments at risk and how to remediate.

  • Introduction to Penetration testing

  • Explore weakness in Networking and how to exploit

  • Explore weakness in default windows/non patched and how to exploit

  • Weak passwords

  • SNMP risks

  • SMB risks

  • Port scanning and enumeration

  • Using penetration testing tools for system validation

Day 4

Learning Outcome: Using built in tools, toolkits and configuration to make Microsoft Windows more secure.

  • Active Directory SCADA – using Group Policy to manage and secure systems

  • Standalone SCADA - Windows Workgroup security

  • Application Whitelisting

  • USB protection

  • Patch management

  • Moving data between low and high security zones

  • Firewalls/Data Diodes/Content Deconstruction, Disarm, Reconstruction and Transposition

  • Windows Device hardening

Day 5

Learning Outcome: Practical application of learning throughout the course. Build a small network, securing devices along the way, applying defined security standards and modifying to meet project/business requirements.

  • Debloat Windows and reduce attack surface

  • Apply defined security baseline(s)

  • Review Configuration with security and automation tool(s)

  • Security assessment and baseline validation before entering into a Factory Acceptance Test (FAT) cycle

  • OT Network monitoring

  • OT End point Security using AI

  • OT Secure Remote Access

Who should attend?

Designed to meet the needs and experience level of Automation Engineers responsible for managing today’s connected IT/OT world.


The course also provides a good platform for aspiring OT security professionals.


Anybody who has responsibility for cyber security in an OT environment. This includes IT and Automation managers and engineers, technicians or IT professionals.


A basic understanding of IT/OT governance, industrial networking, foundational knowledge in Microsoft Windows operating system(s) and awareness of Linux.

Labs are structured to allow those who are self sufficient to proceed at their own pace with optional modules.

bottom of page