Training
Featured CourseView All Courses
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training, Courses, and Resources
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

Industrial Control Systems Security Training

Industrial Control Systems (ICS) and Operational Technology (OT) are increasingly targeted by cyber threats, putting businesses, governments, and national infrastructure at risk. Specialized ICS/OT security training is vital to securing operations across all industries and defending the systems that make, move, and power the world.

ICS/OT Security Training
Jump to:

The SANS ICS Security Mission

Unlike traditional IT environments, ICS/OT systems face unique risks that demand both cybersecurity expertise and operational awareness. SANS ICS security training prepares defenders for the evolving threats targeting essential industries worldwide. From foundational to advanced—SANS ICS training, led by expert instructors with real-world labs using cyber physical systems, provides the knowledge and hands-on skills to defend the critical infrastructure and industrial operations that drive economies.

What You'll Learn

ICS/OT Cyber Threats & Defense Strategies

Understand the unique attack surfaces of ICS/OT environments and apply defense-in-depth strategies to mitigate real-world threats.

Secure ICS/OT Architecture & Risk Management

Learn how to design, assess, and strengthen industrial systems while aligning with industry frameworks and regulatory requirements.

Threat Detection & Incident Response in ICS/OT

Develop the skills to detect, investigate, and respond to cyber threats targeting industrial operations, minimizing downtime and business disruption.

Student Insights

Even in the tech industry, ICS security is often overlooked. This training showed me how ICS threats impact all sectors and gave me the skills to mitigate them.
Emily W.Microsoft

Featured Courses

  • Slide 1 of 7

    ICS515: ICS Visibility, Detection, and Response

    Intermediate
    ICS515Industrial Control Systems Security
    ICS515: ICS Visibility, Detection, and Response
    • GIAC Response and Industrial Defense (GRID)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 25 Hands-On Labs

    View course detailsRegister
  • Slide 2 of 7

    ICS418: ICS Security Essentials for Leaders

    Essentials
    ICS418Industrial Control Systems Security
    ICS418: ICS Security Essentials for Leaders
    • 12 CPEs / 12 Hours (Self-Paced)
    • Labs: 12 Hands-On Labs

    View course detailsRegister
  • Slide 3 of 7

    ICS613: ICS/OT Penetration Testing & Assessments

    newAdvanced
    ICS613Industrial Control Systems Security
    ICS613: ICS/OT Penetration Testing & Assessments
    • 5 Days (Instructor-Led)
    • 30 CPEs / 30 Hours (Self-Paced)
    • Labs: 27 Hands-On Labs

    View course detailsRegister
  • Slide 4 of 7

    ICS456: Essentials for NERC Critical Infrastructure Protection

    Essentials
    ICS456Industrial Control Systems Security
    ICS456: Essentials for NERC Critical Infrastructure Protection
    • GIAC Critical Infrastructure Protection (GCIP)
    • 5 Days (Instructor-Led)
    • 31 CPEs / 31 Hours (Self-Paced)
    • Labs: 23 Hands-On Labs

    View course detailsRegister
  • Slide 5 of 7

    ICS310: ICS Cybersecurity Foundations

    newBeginner
    ICS310Industrial Control Systems Security
    ICS310: ICS Cybersecurity Foundations
    • 6 CPEs / 6 Hours (Self-Paced)
    • Labs: 3 Hands-On Labs

    View course detailsRegister
  • Slide 6 of 7

    ICS410: ICS/SCADA Security Essentials

    Essentials
    ICS410Industrial Control Systems Security
    ICS410: ICS/SCADA Security Essentials
    • GIAC Global Industrial Cyber Security Professional (GICSP)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 15 Hands-On Labs

    View course detailsRegister
  • Slide 7 of 7

    ICS612: ICS Cybersecurity In-Depth

    Advanced
    ICS612Industrial Control Systems Security
    ICS612: ICS Cybersecurity In-Depth
    • 5 Days (Instructor-Led)
    • 30 CPEs / 30 Hours (Self-Paced)
    • Labs: 25 Hands-On Labs

    View course detailsRegister

Meet Your Experts

Mark Bristow

Mark Bristow

Director

Mark loves the ever-changing landscape of security and views it as a puzzle that must be solved. He especially loves the challenges in ICS security, where the cyber meets the physical. There is no greater success than a safe and effective process.

Learn more
Lesley Carhart

Lesley Carhart

Technical Director of Incident Response for North America

Lesley is Technical Director of Incident Response for North America for Dragos and teaches SANS Industrial Control System courses. She's a recognized leader in cybersecurity and has won a number of prestigious awards in the field.

Learn more
Jason Christopher

Jason Christopher

Senior Vice President of Cybersecurity and Digital Transformation for Research & Innovation

Jason D. Christopher has significantly influenced national cybersecurity policies through his leadership in developing the NERC Critical Infrastructure Protection standards and the U.S. Department of Energy's Cybersecurity Capability Maturity Model.

Learn more
Tim Conway

Tim Conway

SANS ICS Curriculum Lead

Tim serves as the Technical Director of ICS and SCADA programs at SANS, and he is responsible for developing, reviewing, and implementing technical components of the SANS ICS and SCADA product offerings.

Learn more
Jason Dely

Jason Dely

Director

Jason Dely brings over 20 years of experience and a diverse industrial control system background to SANS and the industrial control system (ICS) community.

Learn more
Monta Elkins

Monta Elkins

Hacker-in-Chief

Monta Elkins is currently "Hacker-in-Chief" for FoxGuard Solutions, an ICS patch provider. A security researcher and consultant; he was formerly Security Architect for Rackspace, and the first ISO for Radford University.

Learn more

Explore Careers Within Industrial Control Systems Security

ICS Security Analyst

Industrial Control SystemsExplore learning path

ICS Security Architect

Industrial Control SystemsExplore learning path

ICS Security Incident Responder

Industrial Control SystemsExplore learning path

Process Control Engineering

Industrial Control SystemsExplore learning path

ICS Security Manager

Industrial Control SystemsExplore learning path

SANS ICS Security Summit & Training 2026

Obtain hands-on, practical skills from the world's best instructors by taking a SANS course at SANS Cybersecurity Leadership Summit 2026.

Explore Event
ICS Europe Summit 2025

Upcoming Events

SANS 2025 ICS/OT Survey Webcast & Forum: The State of ICS/OT Cybersecurity

On this webcast, we will explore results from our 2025 survey. We will cover specific topics with an eye toward providing asset owners and operators with clear benchmarks for improving cyber threats, vulnerabilities, and risks across industrial environments.

WebinarIndustrial Control Systems Security
Webcast Abstract Image
  • 19 Nov 2025
  • 10:30 EST
View details

ICS/OT Insights From The Experts

Tyler WebbDean ParsonsTim ConwayRobert M. LeeMark Stacey

The Case for Safer, Smarter ICS Penetration Testing

Critical infrastructure is increasingly under attack from a variety of threat groups ranging from nation states to criminal opportunists.

Blog
Written ByTyler Webb
Tyler Webb
Blue Electronic Abstract
More Insights

Frequently Asked Questions