OT Cybersecurity Professional Training

This advanced training prepares you for the GICSP exam and builds the skills needed to assess and secure industrial control systems with confidence.

... > Training Courses > OT Cybersecurity Professional Training

OT Cybersecurity Professional Training

Industrial Control Systems (ICS) form the backbone of everyday life, underpinning everything from critical infrastructure to building automation. This course is a continuation of the OT Cybersecurity Fundamentals Training Course and will help you to be fully prepared for the GICSP exam.

Date: 19 - 20 August 2026
Location: Bureau Veritas Cybersecurity Office, Amsterdam
Price: €1.500 excl. VAT

* Note: We also offer this training course as an in-company option. Contact us for more information.

OT Cybersecurity Professional Training

If you are interested in this training, please fill out the form and we will contact you within one business day.

First Name

Last Name

Company / Organization

Phone Number

How can we help you?

I give permission to process my data as described in the Privacy Policy and agree to the Terms and Conditions.

I consent to let Bureau Veritas Cybersecurity use this data to provide me with additional information from their services, events or topics that may be of interest to me

Why join?

Prepare for the GICSP exam with focused content and practice.
Build on key topics from the OT Fundamentals training.
Analyze ICS attacks across the Purdue model.
Explore IEC62443 and NIST CSF frameworks.
Perform OT risk assessments with practical insights.

You’ll also cover topics such as OT network architectures, encryption, system hardening, firewall deployment, physical security, endpoint protection, logging and monitoring, asset inventories, and backup strategies—equipping you to secure industrial environments effectively.

Intended Audience

This course is specifically tailored for professionals with a foundational understanding of OT cybersecurity, including control system engineers, IT and OT security personnel, and management professionals seeking to deepen their expertise in this critical field. Participants will gain a comprehensive understanding of the complexities of OT cybersecurity, equipping them with the knowledge needed to succeed in the GICSP certification process.

Required Skills and Expertise

It is preferred to have followed the OT Fundamentals training course. Otherwise, having a general knowledge of OT Cybersecurity, including network technologies, the Purdue model, risk methodology, threat actors, threat modelling and fundamental security principles (CIA triad, access control, firewalls, logging, antivirus) is recommended.

Program

The program is divided into four modules, which are given in a two-day course. After completing the course, each participant is rewarded with a certificate.

Day 1

Module 1: Introduction and Recap OT Fundamentals

The program starts with a walkthrough of ICS fundamentals: Basic terminology, Industrial processes, control theory, and plant organization basics and quick recap of the OT Fundamentals training course.
A basic understanding of networking principles, including the OSI model.
A basic understanding of wireless networking, wireless ICS protocols, and the vulnerabilities associated with wireless systems.
A basic introduction to cryptography, including symmetric and asymmetric cryptography, hash algorithms and MACs.

Module 2: ICS Protocols, Components and secure ICS network architecture

In this module, we cover a range of widely used industrial protocols used in ICS networks.
How to design a secure ICS network architecture by segmentation and network boundaries by implementing firewalls, data diodes and Industrial IDS.
Explore the ICS attack surface, how to categorize these attacks and how to create attack trees and threat models to these scenarios.
Explore the ICS attack surface, techniques for categorizing attacks, and methods for creating attack trees and threat models for various scenarios.
Lastly for each Purdue level relevant ICS attacks will be mapped and examined comprehensively.

Day 2

Module 3: Cybersecurity Programs

We will cover the process of establishing a Cybersecurity Program for ICS networks using frameworks and standards such as IEC62443 and NIST CSF. These programs involve creating a variety of documents, including organizational policies and procedures. We will explain to attendees how to develop these policies and procedures and ensure compliance.

Following this, we will guide attendees through the process of conducting a risk assessment to identify potential threats and vulnerabilities. Participants will learn how to perform risk assessments and apply various risk evaluation techniques to assess, analyze, and communicate the identified risks.

Module 4: Security Standards, Threat Modeling and Real-World Case Studies

First we will begin by exploring the concept of an asset inventory, focusing on how to create a comprehensive ICS asset inventory and addressing the challenges associated with developing and maintaining it.
Next, we will cover physical security controls, specifically how to protect an ICS facility through the implementation of effective physical security measures.
We will learn what OS hardening is and how to harden different kinds of operating systems.
We will learn about different endpoint protection and antivirus solutions implemented in ICS networks, along with the challenges involved in implementing and maintaining these solutions.
We will examine how to implement essential security controls such as patch management for OT systems, as well as the complexities of ensuring effective patching. Additionally, we’ll cover the importance and best practices for implementing system backups.
Finally, we will highlight the importance of logging and monitoring within the ICS network and discuss how to build a robust incident response strategy to effectively manage and resolve security incidents.

Meet The Trainer

Bram Blaauwendraad

Bram Blaauwendraad is a Senior Security Consultant at Bureau Veritas Cybersecurity specializing in industrial environments.

With a master’s degree in Security and Network Engineering (also known as OS3) and a broad background in both technical and consultancy roles, he serves clients across all industrial industries.

Bram also advises clients in executing security transformations across project management, governance, policy, risk management, technical implementation, and more.

Additionally, he is a Subject Matter Expert in NIS2, guiding international projects to achieve compliance through a wide range of frameworks and standards such as ISO27k1, NIST CSF, and ISO27001.

More Information & Registration

If you are interested in this training, please fill out the form and we will contact you within one business day.

First Name

Last Name

Company / Organization

Phone Number

How can we help you?

I give permission to process my data as described in the Privacy Policy and agree to the Terms and Conditions.

I consent to let Bureau Veritas Cybersecurity use this data to provide me with additional information from their services, events or topics that may be of interest to me

Why choose Bureau Veritas Cybersecurity

Bureau Veritas Cybersecurity is your expert partner in cybersecurity. We help organizations identify risks, strengthen defenses and comply with cybersecurity standards and regulations. Our services cover people, processes and technology, ranging from awareness training and social engineering to security advice, compliance and penetration testing.

We operate across IT, OT and IoT environments, supporting both digital systems and connected products. With over 300 cybersecurity professionals worldwide, we combine deep technical expertise with a global presence. Bureau Veritas Cybersecurity is part of the Bureau Veritas Group, a global leader in testing, inspection and certification.