3-Day Instructor-Led Programme
A practitioner programme for security professionals defending energy, utilities, and water infrastructure against nation-state targeting, ICS-specific malware, and NIS2 regulatory obligations. Develop the OT security assessment, network segmentation, and compliance skills to protect critical infrastructure from advanced persistent threats including Sandworm and Volt Typhoon.
Duration
3 Days
Price
$3,493
Energy infrastructure experienced close to 40% of all critical infrastructure cyberattacks in 2025. Nation-state actors, particularly Sandworm and Volt Typhoon, have demonstrated the capability and willingness to attack power grids, water treatment facilities, and industrial control systems. The unique constraints of operational technology environments — where availability and safety must never be compromised — demand a fundamentally different security approach to standard IT defence.
Over three mentor-led days, participants assess and harden OT and ICS environments against nation-state attack vectors, analyse ICS-specific malware including FrostyGoop and VoltRuptor, design network segmentation using the Purdue model, apply NCSC CAF and NIS2 controls to energy sector environments, and conduct hands-on practicals using Dragos and Claroty tooling.
The programme culminates with a capstone security assessment of a simulated energy control environment, producing a risk remediation plan aligned to NIS2 reporting obligations. This course is aligned with NCSC CAF, NIS2, IEC 62443, and NERC CIP awareness requirements for critical infrastructure security professionals.
OT asset discovery lab, ICS malware indicator analysis practicals, Dragos and Claroty hands-on tooling sessions, and a full simulated energy environment security assessment capstone.
Practitioner-led analysis of Sandworm pre-positioning doctrine, FrostyGoop case study, and NIS2 compliance mapping with live commentary on current energy sector targeting in 2026.
OT security assessment methodology, IEC 62443 zone design, NIS2 compliance implementation, ICS malware indicator analysis, and OT-specific incident response planning.
Assess and harden OT and ICS environments against nation-state attack vectors specific to energy, utilities, and water.
Apply NCSC CAF and NIS2 controls to energy sector operational environments with practical precision.
Detect and analyse ICS-specific malware indicators including FrostyGoop, VoltRuptor, and related tooling.
Design network segmentation for IT/OT convergence environments using the Purdue model and IEC 62443.
Conduct an OT asset inventory and exposure assessment without disrupting operational processes.
Produce a NIS2-aligned risk remediation plan for an energy sector operational environment.
Implement OT-specific continuous monitoring using Dragos and Claroty platforms.
Professional experience in OT security, ICS operations, energy sector IT, or operational technology security engineering.
Basic understanding of industrial control system architecture including PLCs, HMIs, and SCADA systems.
Familiarity with cybersecurity fundamentals including network segmentation and vulnerability management.
Step-by-step learning journey from basics to professional practice
Master these in-demand skills through hands-on practice
A clear view of the roles this programme supports, what typically comes next, and where learners progress over time
Choose the learning format that works best for you and your team
Instructor-Led Training
Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible.
Price per person
Group enrolments and early planning options available.
All prices are exclusive of VAT where applicable. Group enrolments and custom packages available on request.
Not everyone learns best in a group. If you want focused guidance, faster clarity, and confidence you can use on the job, our 1-to-1 Fast-Track Training gives you private, mentor-led support tailored to your experience and goals.
"Many learners choose 1-to-1 when they want understanding, not memorisation."
Everything you need to know about the certification exams
You will receive an Xcademia certificate of completion based on participation and successful completion of labs and scenario simulations.
Everything you need to know about this course
OT security engineers, IT/OT convergence teams, energy sector security leads, SCADA operators, and NIS2 compliance leads working in energy, utilities, or water sector environments.
Take the next step in your professional development