About The Hague Security Delta
What's happening in the
Dutch Security Domain?
The ENCS Red Team – Blue Team training for Industrial Control Systems (ICS) and Smart Grid cyber security program is a 3-day classroom course, where theoretical sessions and hands-on sessions will prepare the course participants for the Red Team – Blue Team exercise (RTBT), that will take place on the 3rd day of the course.
The ENCS Red Team – Blue Team training teaches anyone working with Industrial Control Systems (ICS) or Smart Grids the essentials of cyber security. In the first two days security specialists from ENCS give an overview of attacks and defensive measures. On the third day participants experience a cyber attack in a realistic Red Team – Blue Team
exercise. The Blue Team defends the networks of its company, in particular its core of ICS and Smart Grids components, the Red Team tries to hack it.
The training will give particpants:
• Raised awareness of ICS and Smart Grid cyber security risks
• An overview of defensive measures
• Strategies to detect attacks and respond to them
Awareness of Risks
To secure your ICS and Smart Grid systems, you need to know how hackers work. Anyone can learn the basic methods and tools they use. In the first two days the ENCS Red Team – Blue Team training teaches the entire class:
• The hacker mindset. Learn what drives hackers, so that you can discourage them from targeting your organization.
• The steps in a cyber-attack. Learn how hackers reach critical systems, so that you see vulnerabilities you missed before.
• The tools used by hackers. Learn the technologies hackers use, so that you can judge how hard it is to exploit a vulnerability.
You will learn to see your systems from a new angle, and get a better idea of the risks you face.
Strategies for Defense
In the first two days the ENCS Red Team – Blue Team training teaches you a strategy for defending your systems, based on three principles:
• Understand your network. Learn to analyze ICS and Smart Grids for security, so that you can choose security measures that do no harm operations
• Choose appropriate measures. Learn how to adapt IT security measures to ICS and Smart Grid, so that you make them work.
• Monitor your security. Learn about intrusion detection and incident response, so that you can detect attacks that cannot be prevented. During the exercise on the third day, you can try different defensive strategies and techniques in a scenario that not only realistically simulates the technical aspects, but also the pressure and communication problems you face during a cyber attack.