Responding to cyber incidents in OT environments requires domain-specific knowledge, rapid triage capabilities, and the ability to restore operations safely. This course equips participants with the tools and frameworks to manage OT-specific cyber incidents, from detection to post-incident review. Practical simulations focus on containment, coordination, and communication under pressure.
Learning Outcomes:
- Identify and categorise cyber incidents in OT systems
- Execute incident response protocols for industrial networks
- Coordinate with IT and operations teams during incidents
- Conduct root cause analysis and lessons learned exercises
Key Topics:
- OT incident types and threat actor tactics
- Incident response lifecycle and playbooks
- Containment and eradication techniques in ICS
- Forensics and recovery practices in OT environments
- Threat Intelligence
- First Responder Essentials
- Incident Handling Methodology
- Advanced Attacker Techniques
- IR Tools and Techniques
- Domain Controller Security
- Windows Events
- Malware Essentials
- Lateral Movement Techniques
- Windows Credential Harvesting
- Remote Command Execution / WMI
- Data Exfiltration Techniques
- Forensics Fundamentals
- Chain of Custody Procedures
- Analysis of Netflow, PCAP, Logs
- Forensics on File System, Shellbags, Registry, Memory and Processes
- Network Connections and Browser History