Your Legacy DCS Is Not the Problem.
The Upgrade Pitch Is.
Learn a proven, standards-compliant approach to securing legacy OT systems – without replacing them. Real-world frameworks, live attack demonstrations, and a 90-day implementation roadmap built for engineers and plant managers who need results, not vendor lock-in.
Applied at operating power utilities – aligned to international standards
You Are Being Told One Thing.
The Standards Say Another.
Your OEM says the same thing every time a cybersecurity audit comes around.
You are paying millions for hardware replacements that introduce new attack surfaces, cloud dependencies, and licensing arrangements you cannot exit – while your existing process knowledge disappears into a vendor's server.
ISO 27001 and IEC 62443 explicitly recognise risk avoidance through isolation as a fully valid and auditable risk treatment method. A system that cannot be reached cannot be breached.
A reference-site assessment of Siemens SCALANCE switches found 65 documented CVEs – 8 rated CRITICAL at CVSS 9.8 or 10.0. Several have no vendor fix planned. The patched upgrade carries its own unsolved vulnerabilities.
Compliance requires a documented, risk-managed control environment. Physical segmentation, data diodes, and passive monitoring satisfy that requirement without introducing new software dependencies.
What This Course Changes
After completing this course, you will be able to examine any OEM recommendation through the lens of verified standards, documented threat intelligence, and proven architecture – and make an independent, defensible decision.
Move legacy DCS logic to isolated virtual environments. Remove the physical attack surface without losing process knowledge or control fidelity.
Deploy data diodes and physical zone separation. A system that cannot be reached cannot be breached. Full ISO 27001 and IEC 62443 compliance through risk avoidance.
Passive continuous monitoring through a NOC and data-diode architecture. Full visibility without creating new ingress points or disrupting live processes.
Every framework in this course has been applied at operating power utilities, including a board-level engagement with Eskom Holdings SOC Ltd – Africa's largest power utility.
This Course Is Designed For
At power plants, substations, and generation facilities who maintain DCS, SCADA, or PLC systems and need a practical cybersecurity framework they can implement themselves.
Responsible for business continuity and being asked to approve large capital expenditure on OEM upgrades without an independent technical justification.
Transitioning into OT/ICS who understand IT security principles and need to understand how Zero Trust translates – and where it does not – into the industrial environment.
At energy companies who need a clear, standards-referenced position they can present to regulators, auditors, and insurers.
Working against IEC 62443, ISO 27001, NESA UAE, or NIS2 frameworks who need to map OT-specific controls to existing governance structures.
Being pressured by Siemens, ABB, GE, or Honeywell to spend on hardware or software upgrades as the only route to cybersecurity compliance.
Key Outcomes
By the end of this course, you will be able to:
Explain the three pillars – Virtualise, Isolate, Monitor – and apply each to a legacy DCS environment with documented evidence.
Identify the ISO 27001 and IEC 62443 provisions that validate isolation as a compliant risk treatment, and challenge OEM recommendations with referenced standards.
Conduct a structured asset inventory and risk/threat model for an OT network, distinguishing threats that require patching from those neutralised by architecture alone.
Design and document a network segmentation strategy using data diodes and physical zone separation that removes the attack surface without new vulnerabilities.
Evaluate the real risk profile of a proposed OEM upgrade – including new CVEs, cloud dependency, licensing lock-in, and planned obsolescence timelines.
Deploy passive continuous monitoring through a NOC and data-diode architecture that provides visibility without creating additional ingress points.
Build and present a 90-day implementation roadmap suitable for board or senior management approval.
Respond effectively to a live OT incident with documented procedures for isolation, evidence preservation, and recovery that maintain process continuity.
13 Modules. 50 Lessons.
A Complete OT Security Programme.
Why Zero Trust from IT does not apply unchanged to OT, and how to adapt it where availability outranks confidentiality.
Real CVE data from Siemens SPPA-T3000, SCALANCE switches, and S7 PLCs. Live DDoS demonstration against a Siemens S7.
IEC 62443, ISO 27001, NESA UAE, and NIS2 – how to map OT controls and produce audit-ready documentation.
Passive discovery methods for legacy environments. Building a complete hardware and software register without disrupting live processes.
Consequence-based prioritisation and treatment selection β including when isolation is the correct treatment.
Data diode deployment, physical zone separation, the case for removing attack surface rather than managing it.
Secure remote access for semi-isolated OT. MFA and privileged access management without cloud dependency.
Protocol security for DNP3, Modbus, and IEC 61850. Managing legacy protocols that cannot be encrypted.
Passive network monitoring architecture. NOC integration. Anomaly detection without active scanning.
OT-specific response playbooks. Isolation without process trip. Evidence collection and board communication protocols.
Recovery sequence design. DCS configuration backup and restoration. Continuity planning independent of OEM availability.
A structured 30/60/90-day programme from attack surface verification to pilot monitoring deployment.
How to present a non-upgrade compliance strategy to boards, auditors, and regulators. Responding to OEM counter-arguments with documented evidence.
About the Instructor
With more than 20 years of hands-on experience in industrial automation and power plant control systems, Petr has conducted vulnerability assessments and designed security architectures for operating generation facilities across Europe and Southern Africa.
His work includes documented assessments of Siemens SPPA-T3000 DCS platforms, SCALANCE network infrastructure, and S7 PLC environments – producing one of the most detailed OT vulnerability reports available outside a vendor security advisory.
In April 2026, Petr prepared and presented the OT cybersecurity technical brief to the Eskom Holdings SOC Ltd Generation Board, covering live attack surface evidence and a phased compliance programme.
8 rated CRITICAL at CVSS 9.8–10.0. Several marked "no fix planned" by Siemens.
Technical brief BM-ESKOM-BRD-001 presented to Eskom Generation Board.
IEC 62443 · ISO 27001 · NESA UAE IAS · NIS2 – all cross-referenced in course materials.
Live denial-of-service attack against a Siemens S7 PLC using publicly documented methods.
Choose the Programme That Fits Your Situation
If you are preparing for a compliance audit, board presentation, or OEM negotiation, Premium provides the most direct value.
Frequently Asked Questions
End-of-life is a commercial statement, not a security verdict. ISO 27001 and IEC 62443 do not require hardware to be on a supported firmware path – they require that risk is identified, documented, and treated. For many end-of-life OT systems, isolation and physical segmentation is the most effective treatment available, and it is fully auditable.
Yes. Module 3 covers IEC 62443 in detail. The standards mapping materials include a cross-reference table across IEC 62443, ISO 27001, and NESA UAE IAS. The approach was applied in a formal compliance context at Eskom, where IEC 62443 was the primary referenced framework.
Yes. Module 6 covers zone separation between legacy and modern systems. Module 9 addresses passive monitoring across heterogeneous environments. The 90-day roadmap in Module 12 is structured for phased environments.
Module 7 addresses remote access design for semi-isolated environments, including how to structure vendor access windows that are time-limited, monitored, and auditable – without maintaining a permanent remote connection.
Modules 1 and 2 establish the OT context. The content builds progressively from Module 3. The live S7 DDoS demonstration is particularly valuable for IT professionals who have not observed OT attack scenarios in a physical plant context.
Yes. The Virtualise–Isolate–Monitor methodology applies to any legacy OT environment: water utilities, oil and gas, manufacturing, chemical processing, and rail. The standards referenced are sector-agnostic.
The Decision Is Not Technical.
It Is One of Accountability.
Every week your plant's OT network remains without a documented, defensible security position, the question is not whether a risk exists – it is whether anyone in your organisation has named an owner for it.
This course gives you the technical framework, the standards references, and the practical tools to answer that question directly: to your board, to your regulator, and to your OEM.
You do not need to replace your DCS to be compliant. You need to understand your risk and prove you have treated it.