SANS Institute, the global leader in cybersecurity training and certifications, announced SANS Abu Dhabi February 2024. Hosted at the Fairmont Bab Al Bahr, Abu Dhabi, from February 24 to 29, 2024, SANS Abu Dhabi will target how the cybersecurity industry can safeguard critical infrastructure through advanced industrial control systems (ICS) training, and teach advanced skills to hunt, identify, counter, and recover from a wide range of threats within enterprise networks.
In 2023, the UAE fortified its cybersecurity framework, countering approximately 50,000 daily cyberattacks targeting pivotal sectors such as banking, finance, health, and oil and gas. The UAE Cyber Security Council strategically implemented proactive defense measures, securing the nation’s impressive fifth position in the Global Cybersecurity Index. Despite this achievement, persistent challenges emerged as cybercriminals continued to target vital sectors, prompting an ongoing need for vigilant monitoring and adaptable security measures.
“The cybersecurity landscape remains dynamic, and looking ahead to 2024, the Middle East can expect a surge in the unique challenges of ICS security, reflecting the region’s strategic position in sectors crucial to its digital resilience, such as oil and gas,” says Ned Baltagi, Managing Director – Middle East, Turkey and Africa, SANS Institute. “Attacks against critical infrastructure are not only increasing in volume but also growing in sophistication. Adversaries are exploiting both ICS and IT environments to achieve malicious goals, posing risks to safety and engineering operations. The global escalation in ransomware events against ICS environments shows no signs of slowing down, and the impact extends beyond IT support services, potentially affecting ICS operations.”
The SANS 2023 ICS/OT Cybersecurity Survey reveals that only 52% of ICS facilities have a documented, tested, and up-to-date ICS/OT-specific incident response plan, while 17% are uncertain if such a plan exists. Recognizing the imperative need, facility leadership and engineering teams must distinguish between traditional IT security and industrial control system security.
Baltagi continues, “ICS/OT assets should not be compared to traditional IT assets. To fortify defenses against evolving threat groups aiming for disruption, downtime, and safety impacts, critical infrastructure owners and operators must prioritize ICS-specific security training for their teams, ensuring they are certified and well-equipped to face the challenges ahead. Moreover, ongoing training in threat hunting and incident response ensures that cybersecurity professionals remain adept at handling the evolving landscape of cyber threats. As the UAE continues to position itself as a global hub, maintaining a robust cybersecurity posture through proactive threat hunting and effective incident response is integral to protecting critical systems.”
SANS Abu Dhabi 2024 will offer two specialized courses through both in-person training and simultaneous live online sessions: FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics and ICS410: ICS/SCADA Security Essentials.
For those keen on advanced threat hunting and forensic analysis, FOR508 is a deep dive into investigative techniques and tools. Whether it’s a data breach, malware attack, or any other form of cyber threat, having a well-defined incident response plan is imperative, and participants will learn how to effectively hunt, detect, and contain a variety of adversaries and to remediate incidents.
ICS410 is crucial course focusing on industrial control systems and SCADA security, vital for the infrastructure of the modern world. The course will help participants develop cyber-secure-aware engineering practices and real-time control system IT /OT support carried out by professionals who understand the physical effects of actions in the cyber world.
Additionally, on February 26 from 5:30 pm – 6:30 pm, SANS Instructor Christopher Robinson will host a SANS Community Night session on ‘OT Penetration Testing – Lessons Learned from Penetration Testing Operational Environments.’ He will present lessons learned and challenges faced while performing a penetration test on ICS/OT environments, especially how the goals and scope will differ from a traditional IT penetration test.