< Back to results

Critical Infrastructure Cyber Security

Communication  /   Business & Management  /   Defence Industry  /   Technology  /   Digital  /   Risk  /   Governance
Australia’s critical infrastructure is highly interconnected and increasingly complex, spanning sectors from energy and transport to healthcare. As physical and digital systems converge, new security risks emerge—this course explores those risks and provides practical experience with modern information technology environments.
Next Dates
13 Apr
View more dates
Duration
5 days
Delivery mode
In-person
Location
UNSW Canberra City
Price (AUD inc. GST)
$5,650
Spots remaining
AVAILABLE
Technology Digital Data Abstract Background, Data Analysis and Access to Digital Data, Digital Cyberspace with Particles and Digital Data Network Connections, 3D Rendering
  • Lead with impact
  • Hands-on experience
  • Real-world relevance
Enquire
Enrol

Course summary

Hands-on protection for complex industrial systems

This onsite professional development course equips engineering, IT and technical management professionals with practical approaches to protecting industrial infrastructure. Designed for varying experience levels, it offers concurrent hands-on lab streams focused on either control systems or IT hardware and software.

The course combines presentations and group discussions with extensive guided labs using VM-based environments, real hardware and digital twin technologies. Participants take part in Red/Blue team exercises and a final insider-threat scenario, applying their skills to defend a live training environment.

Participants can choose lab streams based on their experience, with foundational options available for those new to industrial or IT systems. Please note that places are limited due to hardware and licensing constraints, and lab selections are allocated on a first-come, first-served basis.

Who will benefit
  • IT and engineering professionals with varying degrees of background knowledge. 

Course is suitable for
  • The course is designed for beginners and assumes no prior knowledge. 

Delivered by experts

Cameron Sands headshot
Cameron Sands
Facilitator
  • He has more than 30 years’ experience in industrial and commercial automation, spanning critical infrastructure sectors. Some include electrical generation and distribution, water and wastewater treatment, oil and gas, banking, communications and data centres, transport systems, food manufacturing, healthcare and Defence.
  • His specialist expertise includes programming industrialised systems such as programmable logic controllers (PLC’s), supervisory control and data acquisition (SCADA), human machine interfaces (HMI’s), servo drives, industrial vision systems, automated/laser guided vehicles (AGV’s/LGV’s), industrial robotics as well as transfer systems for data to, around and from the plant. 
  • He also has experience in the typically non-industrial areas of building management systems (BMS’s), security, access control and CCTV systems. A major part of his time is spent on site commissioning his projects.  
  • He is a certified professional electrical engineer and has completed postgraduate studies in cyber security and computer forensics as well as having trade qualifications in electrical, data, solar and security. He is a member of the Australian Standards Committee for Australia’s primary electrical standards and has been teaching at several universities since 2012.
Ray Hunt headshot
Ray Hunt
Facilitator
  • With a master's degree in Electrical Engineering (Christchurch) and a PhD (Adelaide), Ray has worked in the airline industry designing international networks. He has also taught in a variety of Universities in Australia, New Zealand, Asia, Vancouver and London. Over the last 20 years he has provided numerous training courses and consultation for industry and governments including Defence, NZ and Police (NSW) in the areas of networks and cybersecurity. 
  • He has visited Asia over 70 times in the last 25 years. Specifically, these have included numerous workshops for British Aerospace (Australia), Reuters and AT&T (Hong Kong), Ministry of Defence and Fujitsu (Singapore), Royal Holloway College, London and Vodafone (New Zealand) and a variety of related workshops in Bangkok, Taiwan and Kuala Lumpur.
  • He currently holds academic appointments as a Visiting Associate Professor at Royal Holloway, University of London, and as an Adjunct Associate Professor at Flinders University in Adelaide and the University of Canterbury in New Zealand.

About the course

Mastering cyber infrastructure

Australia’s critical infrastructure is highly interconnected and increasingly exposed to security risks that threaten essential services and economic stability. As industrial operations rely more heavily on automated control systems such as SCADA, PLCs and distributed control systems, connectivity has introduced new vulnerabilities alongside operational benefits.

This course provides practical experience with modern IT and industrial control systems, exploring threat environments, attacker capabilities and effective techniques for securing critical and legacy systems.

Why enrol in this course

Develop specialised expertise in critical infrastructure cyber security

Gain a comprehensive understanding of the unique cyber security risks affecting critical infrastructure systems and the strategies required to protect nationally significant assets.

Build practical capability

The course emphasises hands-on experience using real-world industrial control systems and simulated environments, enabling participants to apply concepts directly to operational contexts.

Strengthen risk management and incident response capability

Participants develop the ability to assess vulnerabilities, manage cyber risk, and respond effectively to incidents affecting cyber-physical systems.

Enhance professional credibility and career progression

Completing this course demonstrates advanced technical and strategic capability in a specialised domain, supporting career advancement and leadership opportunities.

Key features

Shield check 1 icon
Focus on critical infrastructure protection

Covers the vulnerabilities and security challenges facing national critical infrastructure.

Vr user globe human icon
Hands-on, simulation-based learning

Use simulation tools and real control system hardware (SCADA, PLCs, HMIs) to replicate real-world threats and attack scenarios.

Security remote lock icon
Comprehensive technical coverage

Includes technical instruction on industrial control systems, SCADA, network security, wireless/mobile security, IoT/IIoT issues and multi-factor authentication.

Diagram split vertical icon
Tailored streams

Offer concurrent streams for participants to focus on either control system hardware or IT security tools.

Learning outcomes

Cyber security in action

This intensive multi-day program provides a fully immersive, practical exploration of cybersecurity across industrial control systems (ICS), networks, wireless environments, IoT/IIoT, authentication systems and modern attack tools. Participants progress from foundational concepts, such as ICS architecture, PLC programming, secure wireless design and network policy implementation, to advanced skills including VPN configuration, IoT security testing, SCADA integration, MFA deployment and red–blue team defence exercises.

The course culminates in practical attack simulations using tools like Metasploit, exploring real-world threats such as reverse shells, ransomware, privilege escalation and social engineering exploits. Designed for hands‑on learning, this course equips learners with applied skills to assess, secure and defend critical systems across diverse cyber environments.

What you'll learn

This course equips participants with a practical understanding of critical infrastructure environments, the threats they face, and the techniques used to secure them. You will learn:

  • The structure and interdependencies of critical infrastructure and why its protection matters
  • How industrial control systems (SCADA, PLCs, HMIs and DCS) operate within modern infrastructure
  • The security risks introduced by increased connectivity and automation
  • Common threat environments and attacker capabilities
  • Practical approaches to securing modern and legacy control systems

Topics covered

At the successful conclusion of this course, attendees will, at minimum, be able to:

  • CLO 1.  Investigate and evaluate the vulnerabilities of Industrial Control Systems and Critical Infrastructure.
  • CLO 2.  Link the principles behind the industrial hardware and software of control systems that are used in the operation of Industrial Control Systems and Critical Infrastructure.
  • CLO 3.  Examine technical specifics about the vulnerabilities of Industrial Control Systems and Critical Infrastructure service delivery with an emphasis of those services’ dependant on control systems reliability and recoverability.
  • CLO 4.  Develop and implement mitigation strategies as well as administrative and technical risk management plans to protect and secure process control systems.

Resources for Attendees

  • There is no textbook that attendees need to obtain. A variety of resource material will be made available to the attendees as needed throughout the course.

Course delivery
Format
 

Commitment

Delivery

5 days

9am - 4pm

In-person

 

Schedule

 

Day 1
 		Day 2Day 3Day 4Day 5

Morning (Combined):
Introduction to Industrial Control Systems (ICS), CIA Triad, ICS security risks and Kali tools.

Morning (Streams):

  • Engineering: Siemens PLC programming using digital twins and IEC 61131-3 standards.

  • IT: Network security and firewall policy implementation

Morning (Streams):

  • Engineering: Advanced SCADA systems and data management.

  • IT: Penetration testing and intrusion detection.

Morning (Combined):
Red/Blue team exercise simulating attacks and defence of critical infrastructure.
IoT security vulnerabilities in industrial environments.

Morning (Combined):
Review of Red/Blue exercise and ICS defence strategies.
Social engineering and cyber-attack simulations.

Afternoon (Streams):

  • Engineering: PLC programming (Rockwell / Allen Bradley) using real hardware.

  • IT: Wireless and mobile security testing using Kali tools.

Afternoon (Streams):

  • Engineering: HMI and SCADA systems integration, including historians and SQL.

  • IT: VPN design and implementation (WireGuard, IKEv2).

Afternoon (Streams):

  • Engineering: Modbus RTU/TCP security and manipulation.

  • IT: Multi-factor authentication implementation and testing.

Afternoon (Combined):
Continuation of Red/Blue exercise and advanced attack scenarios.		Afternoon (Combined):
Course review and wrap-up.

Next steps

To enrol in Critical Infrastructure Cyber Security, please select your preferred date and register below.

Skills and career

Skills

Cyber Threat Awareness
Risk Management
Security Principles
Network Security
Systems Security
Incident Response
Vulnerability Identification
ICS Understanding

Career roles

Info Security Officer
IT Professionals
Engineering Professionals
Risk and Compliance
Security Administrator

Course is suitable for
Career Stage
Early Career
Mid Career
Senior Leadership
Career Mode
Upskill
Professional Development
Portfolio Professional
Training and Education
Strategic Oversight
Upskilling for Future Readiness