Course overview
This course aims to assist students in developing a balanced perspective on the technical and governance aspects of Critical Infrastructure Protection (CIP). Cybersecurity professionals are likely to work with or for Critical Infrastructure (CI) organisations that operate Cyber-Physical Systems (CPS) deemed essential to the functioning of society. Examples of high-profile CI sectors include energy, water, transport, food, and communications, all of which rely on Industrial Control Systems (ICS) and Operational Technologies (OT). These systems have little tolerance for disruption and require a unique approach to both security and compliance, which will be introduced in this course along with more acronyms. The course includes: Critical Infrastructure Protection; Analysis of the societal implications of security threats to CI, including the technology landscape of each unique CI sector; Cyber-Physical System Security; Analysis of security engineering techniques for OT and IoT, covering unique CPS considerations and the convergence of OT and IT; Control System Governance Apply key industry security standards like IEC 62443 to ICS and the Industrial Internet of Things (IIoT) in a CI context; Regulatory Compliance; Create CI security strategies that comply with regulation, such as the Australian Security of Critical Infrastructure (SOCI) Act.
Course learning outcomes
- Understand and evaluate the vulnerability of Critical Infrastructure
- Understand the principles issues involved in protecting and securing process control systems
- Examine technical specifics about the vulnerabilities of critical infrastructure service delivery with an emphasis of those services dependant on control systems reliability and recoverability
- Develop and implement effective administrative and technical risk management plans to protect and secure process control systems