Email: ietcourses@theiet.org
ALL CAREER STAGES | UK-SPEC: A,B,E | 2.5 DAYS | ONLINE | CPD: 18 HOURS
Fundamentals of OT and cyber security training course
Preparing OT teams for CAF‑aligned cyber resilience
About the technical training course
This comprehensive course provides a foundational understanding of Operational Technology (OT) Security and Resilience, equipping participants with the knowledge and tools to navigate the evolving threat landscape across multiple sectors.
Designed for professionals at all levels, the course covers a broad spectrum of topics including sector-specific challenges, threat identification, lifecycle integration, and cyber management.
Participants will explore holistic security and resilience strategies, conduct risk assessments, and examine compliance requirements and supply chain considerations.
Cevn Vibert
 |
Cevn Vibert
Vibert Ltd
A Global Consultant in Compliance and Industrial Cyber Security, a Board Advisor, Chair and Speaker with over 30 years in Industry, managing solutions and teams in a wide range of markets and industries.
Founding Chair of the InstMC Cyber Group. Founding member of the UK Cyber Alliance forming the UK Cyber Council.
A Chartered Engineer and Chartered IT Professional. Technical Lead on global security enhancement projects. Cevn created and managed the UK Critical Infrastructure Protection (CIP) Facility, and the TRUST Security Explorer Facility for Thales.
He has been part of successful projects with EDF, Sellafield, Infineum, National Grid, BP, KOC, Network Rail, Thames Water, Dwr Cymru, Welsh Water, London Underground, Jordans Ryvita, Ginsters, Shell, Ford and many more global companies.
Recently founded the NIS Regulations Compliance programme with OFGEM, the UK Energy Regulator as Principal Cyber Assurance Manager in the Competent Authority.
Key learning objectives
- Understand the foundational principles of Operational Technology (OT) security and resilience.
- Identify sector-specific threats, vulnerabilities, and operational constraints.
- Understand OT system lifecycles and where security must be embedded.
- Describe governance structures, roles, responsibilities, and cyber management models.
- Recognise the differences between IT and OT priorities (safety, availability, determinism).
- Map OT environments using reference architectures (Purdue, IEC 62443 zones & conduits).
- Apply holistic security and resilience strategies across IT, OT, and physical domains.
- Conduct risk assessments using recognised methodologies.
- Identify and evaluate technical and procedural controls.
- Understand network segmentation, zoning, conduits, and secure remote access.
- Perform practical risk analysis on OT scenarios.
- Build DR (Disaster Recovery) and BC (Business Continuity) strategies for OT.
- Understand incident response in OT environments.
- Apply communication and collaboration techniques across teams.
- Develop continuous learning and improvement programmes.
- Advise confidently on OT security improvements.
Who should attend?
This course is designed for both technical and non-technical audiences, including:
- Engineers at all levels seeking to strengthen their understanding of OT security and resilience.
- IT professionals transitioning into Operational Technology roles.
- OT specialists looking for structured guidance on Security best practices.
- Managers and decision-makers who need a comprehensive overview of security and resilience across technical and operational domains.
- Compliance officers responsible for regulatory alignment and risk mitigation.
- Corporate trainers aiming to embed security and resilience strategies within their organisations.
Previous attendees include SSE, Standsted Airport, American Bureau of Shipping, Brookfield Properties and Simpsons Malt.
Don't just take our word for it…
"The Foundation in Cyber Security for OT Systems course brought together a holistic view of the regulations and the mechanics required to get to Cyber Secure."
"A real eye-opener! This course gave a solid grounding in OT security. Meeting professionals from different industries was invaluable the shared insights were just as useful as the course itself. Highly recommended!"
"The course was informative, engaging, structured and applicable to my own challenges."
"The course provides a good explanation of all the elements of regulations and how they fit together."
- Day one - Foundations and context
-
08.55
Teams open
09.00
Session 1: Course welcome and agenda
09.30
Session 2: Course introduction and industry trends
CAF A.1 and A.2
10.15
Quiz 1: Cyber sector introduction
CAF A.3
10.25
Break
10.40
Session 3: Cyber management
CAF A.1 and A.4
11.25
Quiz 2: Cyber management
11.35
Session 4: Information and Systems cyber security
CAF B.1 and B.4
12.20
Quiz 3: Information and Systems cyber security
12.30
Lunch
13.30
Session 5: Industrial and IT systems
CAF B.1
14.15
Quiz 4: Industrial and IT systems
14.25
Session 6: OT things
CAF B.1
15.10
Break
15.25
Session 7: Threat mitigation
CAF B.1 and B.3
16.10
Quiz 5: Threat mitigation
16.20
Session 8 and session 9: PhysSec and access control
CAF B.2 and B.4
17.00
Close of day one
- Day three – Response, resilience and engagement
-
08.55
Teams open
09.00
Recap of day two
09.05
Session 18: OT SOC
CAF C.1, C.2
09.50
Quiz 12: OT SOC
10.00
Break
10.15
Session 19: Gamification
CAF A.4, D.2
11.00
Quiz 13: Gamification
11.10
Session 20: Strawman cyber-enhance project
CAF A.1 – A.4
11.55
Final “what did you learn?” quiz
12.15
Session 21: Advice and final close
12.30
End of course
- Day two - Operational practice
-
08.55
Teams open
09.00
Recap of day one
09.05
Session 10: Change management
CAF A.4
09.50
Quiz 6: Change management
10.00
Break
10.15
Session 11: Incident management
CAF D.1, D.2
11.00
Quiz 7: Incident management
11.10
Session 12: Business continuity
CAF D.3
11.55
Quiz 8: Business continuity
12.05
Scenario: NIS inspection
CAF A - D
12.50
Lunch
13.50
Session 13: System auditing
CAF A.4, C.1, C.2
14.35
Quiz 9: System auditing
14.45
Break
15.00
Session 14: Pentesting
CAF B.1, C.1
15.45
Quiz 10: Pentesting
15.55
Session 15: Strategy and programmes
CAF A.1 - A.4
16.40
Quiz 11: Strategy and programmes
16.50
Session 16 and 17: Learning resources and incidents
CAF A - D
17.00
Close of day two
Please note that the programme is subject to change.
Course registration and pricing
Early bird tickets
Member - To be confirmed
Non-member - To be confirmed
Student/Apprentice - To be confirmed
Standard tickets
Member - To be confirmed
Non-member - To be confirmed
Student/Apprentice - To be confirmed
Group booking discounts
3 to 5 discount code - OTCYBERGR3T05
6 plus discount code - OTCYBERGR6PLUS
Overseas participants
If you are attending the course from outside of the UK and are paying for your booking using a company payment card where the company is VAT Registered and is the registered card billing address, please use the registration link for a VAT registered overseas company.
This form will capture your Company VAT Registration number and will be subject to Out of Scope VAT. Otherwise, VAT is charged at the UK rate of 20%.
If you are from outside the UK but paying with a personal payment card, please use the overseas individual link.
Terms and conditions
All prices are per person. If you require a proforma invoice before booking and/or wish to pay via purchase order, please contact us: events@theiet.org. We regret that we cannot accept AMEX for online payments.
*All students must provide a copy of their student pass or letter of enrolment from their college or University.
Once registered please email your documentation to events@theiet.org along with your booking confirmation number.
Discount codes are for member and non-member delegate registration only, and not applicable to student bookings.
If you need to pay for your group by proforma invoice, please contact events@theiet.org.
Contact us