Intern

0 XP

OT/ICS/Critical Infrastructure

Industrial control systems run power grids, water treatment plants, oil refineries, and manufacturing lines. When they fail, people can die. This track covers IEC 62443 zones and conduits, NERC CIP for the bulk electric system, the Purdue Model, OT-specific threat actors and attack chains, and the fundamental differences between securing IT and OT environments. Built for OT security engineers, control system administrators, and IT professionals moving into industrial cybersecurity.

WORKSPACE SNAPSHOT

FRAMEWORKS

MODULES

CERTIFICATES

SCENARIOS

Module 1 of 7 · OT vs IT

OT vs. IT Security — Why Everything You Know Changes

In IT security, the priority is typically Confidentiality > Integrity > Availability. In OT, it's reversed: Availability > Integrity > Confidentiality. A power plant that goes offline kills people. A manufacturing line that stops costs millions per hour. An oil refinery that loses process control can explode. The consequence of a security control that causes a millisecond of latency on a real-time control loop can be physical destruction or loss of life. This single inversion changes every security decision — from patching (you can't reboot a running blast furnace) to network monitoring (inline inspection adds latency to control traffic) to incident response (isolating a compromised PLC might cause a worse outcome than leaving it running).

TRACK NAVIGATOR

LEARNING FLOW

FRAMEWORK FOCUS

CORE FRAMEWORKS

iec-62443nerc-cipnist-800-53nist-csf

TARGET CERTIFICATIONS

GICSPGRIDCSSAISA/IEC 62443 Cybersecurity Certificate

PRACTITIONER OUTCOME

Build industry fluency, not generic GRC knowledge

Understand how ot/ics/critical infrastructure regulations shape the control environment.

Move from framework names into operating decisions, evidence, and enforcement pressure.

Use the modules in sequence, then apply the same reasoning in scenarios and projects.