Critical infrastructure Threats and Detection
RCCE students will learn critical infrastructure protection for sectors including energy, water, transportation, healthcare, and communications, covering sector-specific threats, regulatory frameworks, and defense strategies. RCCE students will learn to assess security posture for critical infrastructure environments, implement ICS-specific security controls, comply with frameworks like NERC CIP and IEC 62443, design network architectures that protect operational technology from IT-based threats, monitor industrial systems for cyber-physical attacks, conduct vulnerability assessments without disrupting operations, and coordinate with government agencies including CISA for threat intelligence sharing. This threat-focused course teaches students to think like adversaries while building robust defenses. At an expert level, RCCE students will learn to analyze attack techniques, build detection logic, and implement defensive strategies that proactively identify threats before they cause damage. Students develop a threat-informed mindset that drives better security decisions across all operational activities.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Critical infrastructure Threats and Detection
- Execute hands-on tasks for critical infrastructure
- Build detections and response workflows for privilege escalation
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for threat landscape mastery — covering Identify CI sector-specific threat actors.
- Build detections and response workflows for privilege escalation, including Build detection logic for OT environments.
- Execute hands-on tasks for regulatory compliance — covering NERC CIP requirements.
- Design a scalable privilege management architecture with policy and enforcement, including segmented OT network architectures.
- Execute hands-on tasks for defining critical infrastructure
- Execute hands-on tasks for presidential policy directive 21 — covering Identifies 16 CI sectors, National coordinator for CI security.
- Execute hands-on tasks for cisa role — covering Identifies 16 CI sectors.
- Execute hands-on tasks for risk framework — covering NIST Cybersecurity Framework alignment.
- Execute hands-on tasks for the 16 critical infrastructure sectors
| Module 01 | Critical Infrastructure |
| Module 02 | Threats and Detection |
| Module 03 | Learning Objectives |
| Module 04 | Threat Landscape Mastery |
| Module 05 | Detection Engineering |
| Module 06 | Regulatory Compliance |
| Module 07 | Defensive Architecture |
| Module 08 | Defining Critical Infrastructure |
| Module 09 | Presidential Policy Directive 21 |
| Module 10 | CISA Role |
| Module 11 | Risk Framework |
| Module 12 | The 16 Critical Infrastructure Sectors |
| Module 13 | Water & Wastewater |
| Module 14 | Healthcare & Public Health |
All hands-on labs run on Rocheston Rose X OS. Students practice critical infrastructure threats and detection by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for critical infrastructure
- Lab 2: Build detections and response workflows for privilege escalation
- Lab 3: Execute hands-on tasks for learning objectives
- Lab 4: Execute hands-on tasks for threat landscape mastery
- Lab 5: Build detections and response workflows for privilege escalation
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Critical infrastructure Threats and Detection, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI