ICS/OT Cybersecurity Awareness: Industrial Defense Through Managing Human Risk with Training

Tackling the Human Factor in ICS/OT Security

This poster highlights the unique need for ICS and OT specific cybersecurity awareness training within critical infrastructure environments, for all ICS/OT sectors. Unlike traditional IT environments, ICS/OT systems manage and secure physics - real-time engineering processes where safety is paramount, making the alignment of cybersecurity training with safety protocols essential. The poster details how role-based training for operators, engineers, and leaders reinforces the critical importance of awareness in defending industrial systems against evolving cyber threats targeting control system environments. It emphasizes that every individual involved in industrial operations—regardless of their role—contributes to securing critical infrastructure through comprehensive policies, procedures, and ICS/OT-specific cybersecurity practices.

By embedding cybersecurity awareness within the existing safety culture, organizations can strengthen operational safety, resilience and defense against threats, ensuring the continuous protection of vital systems that make move and power our world.

The content of this poster, written by Dean Parsons, supports the SANS Workforce ICS/OT short courses and SANS ICS418: ICS Security Essentials for Leaders course, offering key strategies for fostering a strong security culture tailored to industrial environments.