Training
Featured CourseView All Courses

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

SEC595Cyber Defense, Artificial Intelligence
SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
View course detailsRegister
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
NEW - AI Security Training
Can't find what you are looking for?

Let us help.

Contact us
Free Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

Customer Case Studies

Discover how organizations and individual cyber practitioners use SANS training and GIAC certifications

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Contact Sales
Contact Sales

ICS/OT Security is Advancing at Two Speeds. Here’s What Comes Next.

The SANS State of ICS/OT Security 2025 Report reveals critical gaps between fast detection and slow, complex recovery. Explore what 330+ ICS/OT professionals are prioritizing next, and what it means for your organization’s safety, resilience, and operational continuity.

Explore the FindingsRegister for the Command Briefing
Man in Hardhat in Industrial Setting and Looking at Tablet
Jump to:

Key Findings

50%

of incidents began with unauthorized external access

19%

of incidents take more than a month to fully remediate

13%

of orgs have fully implemented ICS-aware access controls

50%

fewer financial losses and safety impacts among orgs using mandatory controls

Command Briefing: Preparing for What Comes Next

Join Tim Conway, Robert M. Lee, Jason D. Christopher, and Dean Parsons for a leadership-level discussion on how to secure remote access, extend visibility into controllers and remote sites, operationalize threat intelligence, and restore safely after an incident.

Tim ConwayRobert M. LeeJason ChristopherDean Parsons
Register Now

Free Resources

Why VPN and MFA Is Not Enough for OT: Evidence from the SANS State of ICS/OT Security Report

Half of ICS/OT incidents start with remote access. This blog explains why VPN and MFA alone fall short and what ICS-aware access really requires.

Blog
Written ByMichael Hoffman
Michael Hoffman
Webcast Abstract Image
More Insights

ICS Resources

From Intel to Action: Leveraging the ICS Threat Intelligence for Industrial Defense

Workers looking at screens
Read the Blog

Drive Regulations into Response: Compliance That Reduces Consequence

Worker looking at screens
Read the Blog

Advancing ICS/OT Security Across Federal Critical Infrastructure: What 2025 Data Reveals

The 2025 report highlights challenges federal teams know well: securing remote access pathways, extending visibility below Purdue Level 3, and ensuring safe, validated recovery across mission-critical systems.

SANS ICS training builds the skills needed to strengthen these capabilities and prepare practitioners for GIAC certifications—including GICSP, GRID, and GCIP—which are formally aligned with DoW 8140 and mapped to NICE Framework work roles.

Man In Military Uniform In Front of Computer Screens

Explore SANS ICS Security Training

  • Slide 1 of 7

    ICS310: ICS Cybersecurity Foundations

    new
    ICS310Industrial Control Systems Security
    ICS310: ICS Cybersecurity Foundations
    • 6 CPEs / 6 Hours (Self-Paced)
    • Labs: 3 Hands-On Labs

    View course detailsRegister
  • Slide 2 of 7

    ICS410: ICS/SCADA Security Essentials

    ICS410Industrial Control Systems Security
    ICS410: ICS/SCADA Security Essentials
    • GIAC Global Industrial Cyber Security Professional (GICSP)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 15 Hands-On Labs

    View course detailsRegister
  • Slide 3 of 7

    ICS418: ICS Security Essentials for Leaders

    ICS418Industrial Control Systems Security
    ICS418: ICS Security Essentials for Leaders
    • 12 CPEs / 12 Hours (Self-Paced)
    • Labs: 12 Hands-On Labs

    View course detailsRegister
  • Slide 4 of 7

    ICS456: Essentials for NERC Critical Infrastructure Protection

    ICS456Industrial Control Systems Security
    ICS456: Essentials for NERC Critical Infrastructure Protection
    • GIAC Critical Infrastructure Protection (GCIP)
    • 5 Days (Instructor-Led)
    • 31 CPEs / 31 Hours (Self-Paced)
    • Labs: 23 Hands-On Labs

    View course detailsRegister
  • Slide 5 of 7

    ICS515: ICS Visibility, Detection, and Response

    ICS515Industrial Control Systems Security
    ICS515: ICS Visibility, Detection, and Response
    • GIAC Response and Industrial Defense (GRID)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 22 Hands-On Labs

    View course detailsRegister
  • Slide 6 of 7

    ICS612: ICS Cybersecurity In-Depth

    ICS612Industrial Control Systems Security
    ICS612: ICS Cybersecurity In-Depth
    • 5 Days (Instructor-Led)
    • 30 CPEs / 30 Hours (Self-Paced)
    • Labs: 31 Hands-On Labs

    View course detailsRegister
  • Slide 7 of 7

    ICS613: ICS/OT Penetration Testing & Assessments

    new
    ICS613Industrial Control Systems Security
    ICS613: ICS/OT Penetration Testing & Assessments
    • 5 Days (Instructor-Led)
    • 30 CPEs / 30 Hours (Self-Paced)
    • Labs: 27 Hands-On Labs

    View course detailsRegister

Train the Entire Workforce

Workforce ICS Cybersecurity Awareness Training

ICS Awareness Training

Explore SANS ICS Curriculum

Learn More