Mandiant - Fundamentals of Industrial Control Systems (ICS) Security (on-site & remote)

May 12 & 13, 2024

Course Objectives

This two-day course provides IT security professionals and ICS/OT engineers interested in ICS/OT security with the fundamental knowledge and skills required to build and expand an ICS/OT security team.

Learners will become familiar with ICS/OT security concepts, secure architecture, threat models and ICS/OT security standards and best practices. The course will also discuss today’s security trends and the current threat landscape. Throughout the course, exercises and demonstrations inspired by actual cases and incidents in the ICS world will enable learners to advance their knowledge in their day jobs.

Learning Objectives

After completing this course, learners should be able to:

  • Understand ICS/OT security history, today’s trends and threat landscape
  • Discuss ICS/OT standards and best practices: NIST SP800-82, IEC62443, MITRE ATT&CK for ICS framework
  • Describe the Purdue model of architecture, defense in depth, and secure ICS/OT network zoning and segmentation.
  • Understand the elements of effective ICS/OT security monitoring and incident response programs
  • See how a set of selected useful ICS/OT security tools could be used.

Who should attend

IT security professionals and ICS/OT engineers developing a ICS/OT security foundation.


Knowledge of ICS, DCS, SCADA, Modbus, OPC, IP address and IP packet.

What to bring

Recommended Windows 7 or higher to install Wireshark and NetworkMiner (free version). Students may use macOS if they can successfully install both Wireshark and NetworkMiner (free version). If not, we recommend installing Windows on a VM.


Chris Sistrunk, PE , Mandiant

Chris Sistrunk is a Technical Leader in Mandiant’s Consulting practice, focusing on cyber security for industrial control systems (ICS), operational technology (OT), and critical infrastructure for over 9 years. As technical leader of the ICS/OT Consulting team, Chris leads ICS/OT assessment methodology development, helps clients better secure their ICS networks, analyzes client networks for threats, assists Mandiant incident response investigations involving control systems, and teaches Mandiant’s ICS security training courses.

Camille Felx Leduc , Mandiant

Ms. Felx Leduc is an ICS Senior Security Consultant in Mandiant’s Canadian practice. As part of the ICS Services team, Camille supports clients with better securing their ICS networks, analyzes client networks for threats, and supports clients with strategic assessment, roadmap development, and initiative implementation, including Security Program Assessments, and threat modeling.

Return to training sessions