Zero-Trust Approach to Critical infrastructure
RCCE students will learn critical infrastructure protection for sectors including energy, water, transportation, healthcare, and communications, covering sector-specific threats, regulatory frameworks, and defense strategies. RCCE students will learn to assess security posture for critical infrastructure environments, implement ICS-specific security controls, comply with frameworks like NERC CIP and IEC 62443, design network architectures that protect operational technology from IT-based threats, monitor industrial systems for cyber-physical attacks, conduct vulnerability assessments without disrupting operations, and coordinate with government agencies including CISA for threat intelligence sharing. This zero-trust course applies modern security principles including least privilege, continuous verification, and explicit trust evaluation. At an expert level, RCCE students will learn to implement zero-trust architectures that assume breach and verify every access request regardless of network location. Students build practical zero-trust implementations that align with organizational security modernization goals.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Zero-Trust Approach to Critical infrastructure
- Apply zero-trust principles to privilege decisions and elevation
- Execute hands-on tasks for critical infrastructure
- Execute hands-on tasks for core principles
- Execute hands-on tasks for key components — covering Identity-centric security model.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for key insight — covering Every access request is evaluated dynamically — no implicit trust from network location.
- Execute hands-on tasks for critical infrastructure sectors
- Execute hands-on tasks for water systems
- Execute hands-on tasks for security: mature tooling available — covering Priority: Availability and safety first.
- Explain ICS/SCADA Architecture Overview fundamentals
| Module 01 | Zero-Trust Approach to |
| Module 02 | Critical Infrastructure |
| Module 03 | Zero Trust Fundamentals |
| Module 04 | Core Principles |
| Module 05 | Key Components |
| Module 06 | NIST SP 800-207 Zero Trust Architecture |
| Module 07 | Key Insight |
| Module 08 | Critical Infrastructure Sectors |
| Module 09 | Water Systems |
| Module 10 | Security: Mature tooling available |
| Module 11 | ICS/SCADA Architecture Overview |
| Module 12 | Purdue Model layers and their security implications |
| Module 13 | Level 5: Enterprise Network |
| Module 14 | Level 4: Business Planning |
All hands-on labs run on Rocheston Rose X OS. Students practice zero-trust approach to critical infrastructure by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Apply zero-trust principles to privilege decisions and elevation
- Lab 2: Execute hands-on tasks for critical infrastructure
- Lab 3: Apply zero-trust principles to privilege decisions and elevation
- Lab 4: Execute hands-on tasks for core principles
- Lab 5: Execute hands-on tasks for key components
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Zero-Trust Approach to Critical infrastructure, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI