• es_ES
  • en_GB
  • es_ES
  • en_GB
hello@groupmainjobs.com 900 812 816
  1. Start
  2. COGITI – Cybersecurity in industry 4.0

COGITI – Cybersecurity in industry 4.0

Join the community of 4,000 professionals that will make industry 4.0 companies safer

Cybersecurity online course in industry 4.0

Include these certifications on your CV and LinkedIn profile.

Get your place at no cost

Theoretical-practical training with a cyberattack simulation system. 

2 months. Modality: teletraining.

Totally free.

This training is aimed at: 

Engineers and Graduates in Industrial Technical Engineering and related fields.

University students of this branch and other related ones.

Contents:

Module 1

INTRODUCTION TO CYBERSECURITY – 36 hours

What are you going to learn in this module?

  • Analysis and identification of technological risks that may affect the company/organization.
  • Ability to improve the resilience of the digital systems that support the company.
  • Obtaining knowledge for the development of an information security strategy and generation of competitive digital models.
CONTENTS

Knowledge of cybersecurity fundamentals.

  • Organizational Models.
  • Basic and technological concepts.

Role of people.

  • Identification of threats, attacks and system vulnerabilities.

Type of threats and relevant actors in Cybercrime.

  • Conducting a security and risk management assessment.

Risk Management Methodology.

Scope, Critical assets, Identification and assessment of business risks.

Threats and safeguards.

Business Continuity.

Risk management cycle.

Governance Models and Information Classification.

Standards and regulation.

  • Information Security Management: ISO 2700, 27001, 27002, 27005.
  • Risk Management: ISO 31000, 31010, COBIT 5, NIST 800-39.
  • Risk Assessment: NIST 800-30.
  • Security Controls: NIST 800-53.
  • Specific: GDPR (Data Protection), OWASP (Web Application Security), PCI-DSS (payment cads), etc.
  • Risk Framework: NIST Framework.
  • Threats of ICS: NIST 800-82.
  • IACS standards: ISA/IEC-62443.

Incident Management.

  • Knowledge of systems security.

Hardening: Software, Hardware and Networks.

  • Operating systems.
  • Applications
  • Servers, Workstations, Mobile Devices.
  • Databases.
  • Network Devices and Industrial Systems.
  • Approach to the components of network security.

OSI levels (Open System Interconnection Model).

TCP/IP model: DNS, FTP, IMAP, TCP, IPv4, IPv6, HTTP protocols.

Encapsulated.

Network Security Components.

  • Firewall.
  • Intrusion Detection Systems (IDS).
  • Intrusion Prevention System (IPS).
  • Wireless Intrusion Detection and Prevention System (WIDPS).
  • Unified Threat Management (UTM).

Module 2

INTRODUCTION TO THE INDUSTRIAL FUNDAMENTALS OF OPERATION TECHNOLOGIES – 36 hours

What are you going to learn in this module?

  • Knowledge of Industrial Networks and the protocols that support devices and their connectivity.
  • Obtaining skills to understand the digitalization of the Industry and the technologies and components that support these transformation processes.
  • Raising awareness about the importance of teamwork, collaborating with experts from other areas and in different contexts to increase the security of facilities against computer attacks.
CONTENTS

Introduction to the essential aspects of the industry.

  • Industrial Manufacturing: common systems.
  • The Industrial Revolutions.
  • Industry 4.0: digitalization.
  • Smart and connected Industry.

Recognition of the fundamentals of industrial process control.

  • Types of industrial processes.
  • The Industrial Revolutions.
  • Fundamentals and types of Control Systems.
  • ICS: Industrial Control Systems.

P.I.D.

RTU

HMI

PLC

SCADA

DCS

Implementation of industrial instrumentation.

  • Sensors.
  • Converters.

Identification of industrial communications systems.

ETHERCAT.

Integrated production systems.

  • Industrial automation.
  • Material management and identification systems.
  • Industrial Robotization.
  • RFID and other identification protocols.

Implementation of advanced manufacturing systems.

  • Industrial machinery classification.
  • Assisted manufacturing MES systems.
  • Digitalized Industrial Operations: tools, evolution and implementation.

Approach to Industry X.0.

  • Introduction to Industry 4.0 and subsequent versions.

Module 3

INTRODUCTION TO ADVANCED INDUSTRIAL CYBERSECURITY – 24 hours

What are you going to learn in this module?

  • Compliance with occupational health and safety standards, as well as technical installation instructions.
  • Appropriation of interest in information security and technology applied to industrial processes.
  • Rigor in the knowledge of safety concepts and their associated risks in industrial plants.
  • Skill in implementing industrial network security and its associated controls.
CONTENTS

Identification of ICS/SCADA components.

  • Differences between IT and OT Cybersecurity.
  • ICS components.

Description of industrial networks and protocols.

  • ICS Architectures and Protocols.
  • Industrial Network Threats.

Recognition of industrial threats and vulnerabilities.

  • ISA 95: Purdue classification model.
  • Industrial Risk Scenario.
  • Introduction to Shodan.
  • Protocols and attack surface.
  • History of attacks on industrial networks: models.
  • Industrial Hacking.

Definition of standards and knowledge of best industrial cybersecurity practices.

  • NIST SP 800-82 Securing Industrial Control Systems.
  • NIST SP 800-53 Risk Management Strategy.
  • IEC 62443 Processes, People and Technology.
  • NERC CIP: Critical Energy Infrastructures (USA).

Module 4

BASIC AND ADVANCED CYBER EXERCISES OF INDUSTRIAL CYBERSECURITY – 24 hours

What are you going to learn in this module?

  • Teamwork in virtual scenarios of technological networks and industrial infrastructures in situations of attacks and vulnerabilities applicable to real environments in real time.
  • Development of anticipation and leadership capabilities in risk situations in industrial facilities.
  • Appropriation of Industrial Cybersecurity culture for immediate application in digitalization processes in operational environments.
CONTENTS

Identification of ICS vulnerabilities.

  • Detection and prevention of them.

Simulation of attacks on OT Industrial Networks through Cyber Range.

Identification and implementation of DDOS Attacks.

  • Origin.
  • Detection.

Evaluation of OT/IT Ransonware scenarios.

Secure design of industrial networks with digital twin.

Application of industrial network security tools.

Module 5 (optional)

CISCO CERTIFIED SUPPORT TECHNICIAN (CCST) CYBERSECURITY – 120 Hrs

What are you going to learn in this module?

  • Vital skills like threat intelligence, network security and risk management to protect yourself and organizations against cyber attacks.
CONTENTS
1. Essential Security Principles.

   1.1. Define essential security principles.

  • Vulnerabilities, threats, exploits and risks; attack vectors; hardening; defense in depth; confidentiality, integrity and availability (CIA); types of attackers; reasons for attacks; code of ethics.

   1.2. Explain common threats and vulnerabilities.

  • Malware, ransomware, denial of service, botnets, social engineering attacks (sneaking, spear phishing, phishing, vishing, smishing, etc.), physical attacks, man in the middle, IoT vulnerabilities, insider threats, Advanced Persistent Threat (APT) ).

   1.3. Explain the principles of access management.

  • Authentication, Authorization and Accounting (AAA); RADIUS; multi-factor authentication (MFA); password policies.

   1.4. Explain encryption methods and applications

  • Types of encryption, hashing, certificates, public key infrastructure (PKI); Strong vs. Strong Encryption Algorithms weak; data states and appropriate encryption (data in transit, data at rest, data in use); protocols that use encryption.
2. Basic Concepts of Network Security.

2.1. Describe vulnerabilities in the TCP/IP protocol.

  • TCP, UDP, HTTP, ARP, ICMP, DHCP, DNS.

   2.2. Explain how network addresses affect network security.

  • IPv4 and IPv6 addresses, MAC addresses, network segmentation, CIDR notation, NAT, public networks vs. private.

   23. Describe network infrastructure and technologies.

  • Network security architecture, DMZ, virtualization, cloud, honeypot, proxy server, IDS, IPS.

   2.4. Set up a secure wireless SoHo network.

  • MAC address filtering, encryption standards and protocols, SSID.

   2.5. Implement secure access technologies.

  • ACL, firewall, VPN, NAC.
3. Endpoint Security Concepts.

   3.1. Describe operating system security concepts.

  • Windows, macOS and Linux; security features, including Windows Defender and host-based firewalls; CLI and PowerShell; file and directory permissions; escalation of privileges.

   3.2. Demonstrate familiarity with appropriate endpoint tools that collect security assessment information.

  • Netstat, nslookup, tcpdump,

   3.3. Verify that endpoint systems comply with security policies and standards.

  • Hardware inventory (asset management), software inventory, program deployment, data backups, regulatory compliance (PCI DSS, HIPAA, GDPR), BYOD (device management, data encryption, application distribution, device management setting).

   3.4. Implement software and hardware updates.

  • Windows updates, application updates, device drivers, firmware, patches.

   3.5. Interpret system logs.

  • Event viewer, audit logs, system and application logs, syslog, anomaly identification.

   3.6. Demonstrate familiarity with malware removal.

  • System scanning, scan log review, malware remediation.
4. Vulnerability Assessment and Risk Management.

   4.1. Explain vulnerability management.

  • Identification, management and mitigation of vulnerabilities; active and passive recognition; testing (port scanning, automation).

   4.2. Use threat intelligence techniques to identify potential network vulnerabilities.

  • Uses and limitations of vulnerability databases; industry standard tools used to assess vulnerabilities and make recommendations, policies and reports; Common Vulnerabilities and Exposures (CVE), cybersecurity reports, cybersecurity news, subscription services and collective intelligence; ad hoc and automated threat intelligence; the importance of proactively updating documentation and other forms of communication before, during and after cybersecurity incidents; how to secure, share and update documentation.

   4.3. Explain risk management.

  • Vulnerability vs. risk, risk classification, approaches to risk management, risk mitigation strategies, risk levels (low, medium, high, extremely high), risks associated with specific types of data and data classifications, system security assessments IT (information security, change management, computer operations, information assurance).

   4.4. Explain the importance of disaster recovery and business continuity planning.

  • Natural and human-caused disasters, characteristics of disaster recovery plans (DRP) and business continuity plans (BCP), backups, disaster recovery controls (detective, preventive and corrective).
5. Incident Management. 

   5.1. Monitor security events and know when escalation is necessary.

  • Role of SIEM and SOAR, monitoring network data to identify security incidents (packet captures, various log file entries, etc.), identifying suspicious events as they occur.

   5.2. Explain computer forensics processes and attack attribution.

  • Cyber Attack Chain, MITER ATT&CK Matrix and Diamond Model; Tactics, Techniques and Procedures (TTP); sources of evidence (artifacts); evidence manipulation (preservation of digital evidence, chain of custody).

   5.3. Explain the impact of compliance frameworks on security incident handling.

  • Compliance frameworks (GDPR, HIPAA, PCI DSS, FERPA, FISMA), reporting and notification requirements.

   5.4. Describe the elements of cybersecurity incident response.

  • Elements of policies, plans and procedures; stages of the incident response life cycle (NIST Special Publication 800-61 sections 2.3, 3.1-3.4).

Earn these professional badges/certifications issued by Cisco.

Once you complete the training, you will achieve certifications that will set you apart from other professionals and prove that you have the crucial practical skills to assess and manage risks, implement security measures in systems and networks, and respond effectively to security incidents. 

Badge issued by Cisco – Introduction to Cybersecurity”

Information Technology Specialist Cybersecurity Certification

Cisco Certified Support Technician (CCST) Professional Certification

Qualifications

Complete this training and get 4 accreditations!

CISCO Badge: 'Introduction to Cybersecurity'. 

Degree “Advanced cybersecurity in operation technology environments, corresponding to the training specialty IFCT0050 

Two professional certifications, Information Technology Specialist Cybersecurity Certification and Cisco Certified Support Technician Cybersecurity (CCST), for passing module 5, which is optional. 

Questions frequent

The training begins on October 30 and lasts two months.

No, neither the training nor the issuance of the title, badge or certification have any type of cost for the students.

Approximately 17 a week with flexible hours, you decide when to complete the content on the platform. Additionally, masterclasses will be given and group tutorials will be held, which you can attend live or view the recording. There will be a learning control at the end of each module.

– Be employed, self-employed, civil servant or be a job seeker.

– Have a high school academic level or higher.

– Commitment to dedicate enough time to take advantage of the training, which could be up to 20 hours per week for 2 months.

Yes. When you complete the first 4 modules you will receive the CISCO 'Introduction to Cybersecurity' credential and the 'Advanced Cybersecurity in Operational Technology Environments' qualification. Subsequently, if you wish to obtain the CISCO CCST certification and the IT Specialist Cybersecurity certification, you will have an additional 2 months to complete module 5.

Registration for the course
Advanced cybersecurity in operation technology environments 

If you need support to complete your registration, write to cybersecuritycourse@grupomainjobs.com by phone at 951 20 70 25 either 951 20 70 22 or by WhatsApp at o 615 668 820

PARTICIPANT DATA

first two digits
Last ten digits
(*) Contribution groups 06, 07, 09 or 10 of the last occupation. People who are not in possession of a professional license, certificate or level 2 or 3 professionalism, vocational training title or a university degree.
Indicate last occupation
(*) People registered as applicants in the employment office

DOCUMENTATION UPLOAD

Allowed files: (.pdf, .png, .jpg).
Maximum size 2MB in each document request.
If you have problems uploading the image from your mobile, we recommend taking the photo immediately and not uploading it from the gallery.

Click or drag a file to this area to upload.
Click or drag a file to this area to upload.
Click or drag a file to this area to upload.
If you are working, your work history. If you are studying or unemployed, your IPI registration period report.
Click or drag a file to this area to upload.
Document that certifies the qualification requirement. (*)

(* ) Degree requirement:
• Bachelor's degree or equivalent.
• Higher Technician Title (FP Higher Degree) or equivalent.
• Have passed the access test to Higher Level training cycles.
• Level 3 professional certificate.
• Or higher level qualification that implies being in possession of any of the above.

Clear Signature
The signature should not protrude from the frame.